Attack and loss: ransomware 2016

Dec 30, 2016360TS

Ransomware in 2016

Ransomware, a special version of trojan that encrypts files, has become a new and tremendously growing type of cybercrime. The 2016 Ransomware Report released by 360 Security Center lately presents that:

– 4.9 million computers were attacked in China
– 56,000 ransomware infections worldwide only in March 2016
– $1 billion dollar source of income for cyber criminals estimated by FBI
– Almost half of organizations have been hit with ransomware

8 immense ransomware attacks worldwide:

1. Three Indian Banks were infected ransomware and faced several million dollars loss

In January 2016, three Indian banks’ and a pharmaceutical company’s computer systems were infected by ransomware. The attacker asked for 1 bitcoin (about $905) for each infected computer, and then used unprotected desktop interface to infect other connected computers from remote. These corps lost several million dollars due to the huge number of infected computers .

2. Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoin

February 5th 2016, Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoin to a hacker who seized control of the hospital’s computer systems and would give back access only when the money was paid. Two hospitals in Ottawa and in Ontario were attacked by ransomware later on.

3. Schools attacked by ransomware and paid $8,500 in the U.S.

In February 2016, several schools’ computer systems were attacked by ransomware. The hacker took control of the intranet and servers, and asked for 20 bitcoin. These school ended up paying the anonymous hacker $8,500 to get their IT systems back.

4. In-Email ransomware “Locky” widely spreaded

In the mid-February, a new ransomware “Locky” started to spread out via email. 7 out of 10 malicious email attachments delivered Locky in Q2 2016. Once users activated the file attached in the email, their files were encrypted and had to pay the distributor a certain ransom to decrypt these files.

5. Yahoo and Google banned by US congress due to increased ransomware attacks

May 2016, a series of ransomware attacks on the House of Representatives have led US congress to ban using Yahoo Mail and Google hosted-apps, and warned their members about being caution of Internet security.

6. Ransomware attacks cost big amount of ransom in Hong Kong

In October, 2016, 277 ransomware attacks were reported to Government Computer Emergency Response Team in Hong Kong, China. Most of the malware were hidden in email attachments and disguised as bills or receipts to trick users to click. The victims included the Marine Department of Hong Kong and Deloitte, one of the biggest accounting firms in the world.

7. Locky attacks users via social networks

In November 2016, other than emails, Locky began to transmit through social networks such as Facebook, LinkedIn with images contained malicious application. The file could be automatically downloaded while users were browsing, and installed once users clicked to check.

8. Free ride? San Francisco public transportation system hacked by ransomeware

November 2016, San Francisco public transportation system Muni was hacked and requested for a $73,000 ransom in bitcoin to get back encrypted data. SFMTA (The San Francisco Municipal Transportation Authority) refused to pay the ransom and shut down the fair system. They lost about $559,000 in fares per day.

We can see that ransomeware is terrifying and collecting money illegally around the world. However, it’s almost impossible to decrypt the infected files by yourself, even for people with high information technology skills. There are 4 ways to prevent being infected by ransomware.

Four Ways to prevent ransomeware infection

1. Don’t download, or install any suspicious files (even from someone you know)
2. Install 360 Total Security and update regularly to have the most updated malware database
3. Beware of any warning messages from 360 Total Security
4. Back up files and save in different locations

(Read: What can I do if my files were infected already?)

While fighting with all the cyber crimes, it’s always better to prevent than cure. 360 Total Security commits to stand in the front line and battle with these disgraceful activities to protect our users as always.