- ‘Gold rush’ mentality fueling higher demands for blocked data
- Hospitals not the most targeted, despite publicized cases
Hackers using software to block data and then demand money in return are relying on increasingly advanced techniques more commonly seen in cyber-espionage cases, the antivirus company Symantec Corp. said.
While individuals are still the major target of such ransomware attacks, accounting for about 57 percent of recorded victims, infections of businesses and larger organizations are on the rise, spiking in late 2015, Symantec said Tuesday in its annual “Ransomware and Businesses” report. With global losses due to ransomware attacks climbing, perpetrators have a “gold rush” mentality that is fueling new techniques and higher demands for payments.
“A growing number of gangs are beginning to focus on targeted attacks against large organizations,” according to the Mountain View, California-based company. “Although more complex and time-consuming to perform, a successful targeted attack on an organization can potentially infect thousands of computers, causing massive operational disruption and serious damage to revenues and reputation.”
Ransomware hackers drew widespread attention earlier this year when they targeted Hollywood Presbyterian Medical Center’s systems in February. The hospital eventually paid 40 bitcoin, the electronic currency that was worth about $17,000 at the time.
Two other California hospitals were attacked in the spring, leading to concerns that hospitals were becoming the target of choice for hackers, but the Symantec report said health care "does not appear among the most frequently infected sectors." The service industry and manufacturing industry were the targets of 38 and 17 percent of attacks on organizations from January 2015 to April 2016, respectively.
Ransomware attackers can gain access to files through items like an attachment to a spam e-mail or fake advertisement on a website. The attacks have been growing every year, with the FBI receiving more than 2,400 complaints in 2015 for $24 million in losses -- up from more than 1,800 complaints in 2014. With individuals still the primary victims, partly because they are less likely to have strong security software installed on their computers, the average ransom this year through April was $679.
Symantec’s report says that significant strides in file encryption technology is one of the main drivers of growth in the ransomware business. A record number of new strands, or families, of ransomware were detected in 2015 and about 80 percent of them were able to encrypt the files of the affected server.
Microsoft Corp.’s Windows platform is targeted the most, but the first widespread ransomware attack on the Apple Inc. Mac’s OS X software was recorded in March. Mobile phones are not yet widely attacked, the report said.