Ransomware forces its victims to pay after encrypting their critical files. Never give in to their demands. GRAPHICS COURTESY OF KASPERSKY LAB
The threat posed by encryption ransomware has been on the rise globally with the number of affected users climbing 550% since 2014, a software security firm has reported.
Kaspersky Lab has found that from April 2014 to March 2015 ransomware victims soared from 131,111 to 718,536 during the same period in 2015 to 2016. This coincided with the rise in the number of users who encountered some type of ransomware from 1,967,784 users in 2014-2015 to 2,315,931 worldwide. An increase of 17%.
The report identified users in Germany, Italy, and the United States as the most affected by the malware.
While the Philippines was not gravely affected, Kaspersky said ransomware attacks in the country rose by 1.54%, from 10,256 users in 2014-2015 to 10,414 in 2015-2016.
“These figures uncover the reality that the threat of crypto-ransomware exists not only in developed countries but also in emerging nations like the Philippines,” warned Anthony Chua, Territory Channel Manager for the Philippines and Singapore at Kaspersky Lab Southeast Asia.
Ransomware is a type of malware that infects a computer and restricts access to it. It then demands the user to pay a ransom in order to remove the restrictions. The malware takes away a user’s critical data – such as documents, pictures or videos — while leaving basic functions untouched.
After victims are lulled into a sense of panic due to their inability to access their files, the malware then forces them to pay ransom by threatening to delete affected files.
A report by the Federal Bureau of Investigation (FBI) in 2012 said that the first cases of ransomware were reported in Russia to Germany, Hungary, and the United States. Some even used fake FBI messages to force victims to pay ransom.
After the first reported case in 2013, crypto-ransomware has spread worldwide.
Kaspersky reported that attacks by crypto-ransomware like CryptoLocker, which affects systems running on Windows, rose dramatically in proportion to those encountering normal ransomware from 6.6% in 2014-2015 to 31.6% in 2015-2016.
Meanwhile, the number of users attacked with blockers – ransomware that lock the screens of its victims’ devices – decreased by 13.03%, from 1,836,673 in 2014-2015 to 1,597,395 in 2015-2016.
Fenor Sinitsyn, senior Malware analyst at Kaspersky Lab, noted that the drastic increase in users affected by ransomware was due to it being one of the safest ways for cybercriminals to extort money.
“The biggest problem with crypto-ransomware today is that sometimes the only way to get the encrypted data back is to pay the criminals, and victims tend to pay. That brings a lot of money into the underground ecosystem that has grown up around this malware, and as a result we are seeing new cryptors appear almost daily,” said Sinitsyn.
Kaspersky advised users to use reliable software security programs and back-up important files to mitigate the impact of a possible crypto-ransomware attack. Users were also advised to be careful about downloading files or viewing emails from suspicious sources.
“If, for some reason your files are encrypted with ransomware and you are asked to a pay a ransom, don’t pay […] the creation, spreading and demanding of a ransom for decryption are all actions that are defined as criminal in most countries around the globe. Report an attack to the police in order to start an investigation,” warned Kaspersky in its report. Kurt Lozano, Inquirer.net trainee/rga