Ransomware causes $3 billion worth of losses in H1

dubai - There has been a 172% increase in ransomware due to business e-mail compromise

It looks like 2016 is the year of online extortion through various malicious attacks as the first half saw a 172 per cent increase in ransomware and $3 billion losses due to business e-mail compromise (BEC), Trend Micro said in a report on Monday.

"Ransomware is capable of crippling organisations and the cyber criminals spearheading these attacks are creatively evolving on a continuous basis to keep enterprises guessing," said Raimund Genes, chief technology officer for Trend Micro.

"It has dominated the threat landscape so far in 2016, causing immense losses to businesses across multiple industries," Genes said.

He advised enterprises to adopt multi-layered security solutions to combat these threats that could attempt to penetrate corporate networks at any time.

In total, 79 new ransomware families were identified in the first six months of the year, which surpasses the total number of new families found in 2015. Both new and old variants caused a total of $209 million in monetary losses to enterprises. Ransomware attacks found in the first half of 2016, such as BEC scams, originated from e-mails 58 per cent of the time.

BEC scams have spread across the world as the FBI listed more than 22,000 victims in 2016 till date, with more than $3 billion in losses. Trend Micro has found that the US is the most targeted country for these attacks.

Research shows both growth and evolution in vulnerabilities and exploit kits (EKs). Angler was found to steadily decrease in use, while other EKs such as Neutrino filled the void. New vulnerabilities and ransomware were added to keep EKs up to date and effective.

Unpatched software continues to provide additional opportunities for attackers to infect networks via EKs.
In the first half of 2016, Trend Micro discovered 473 vulnerabilities in a variety of products, with 28 coming from Adobe Flash and 108 from Advantech's Web Access.
"While it's unfortunate for us, cyber criminals are resilient and flexible when it comes to altering an attack method each time we find a patch or solution," said Ed Cabrera, chief cyber security officer for Trend Micro.
"This creates massive problems for enterprises and individuals since the threats change as often as solutions are provided. It bodes well for businesses to anticipate being targeted and to prepare accordingly, implementing the latest security solutions, virtual patching and employee education to mitigate risks from all angles," Cabrera said.
- abdulbasit@khaleejtimes.com