Ransomware – a brief introduction

Ransomware is one of the most widespread and damaging threats that internet users

face. Since the infamous CryptoLocker first appeared in 2013, we’ve seen a new era of

file-encrypting ransomware variants delivered through spam messages and Exploit Kits,

extorting money from home users and businesses alike.

The current wave of ransomware families can have their roots traced back to the early

days of Fake AV, through “Locker” variants and finally to the file-encrypting variants that are

prevalent today. Each distinct category of malware has shared a common goal – to extort

money from victims through social engineering and outright intimidation. The demands for

money have grown more forceful with each iteration.

And the financial consequences can be severe. The Hollywood Presbyterian Medical Center

reportedly paid 40 Bitcoins ($17,000) to regain access to its files, while the Kansas Heart

Hospital despite paying an undisclosed sum, was faced with a second ransom demand and

not given access to all of its files.


McAfee Labs discovered nearly 1.2 million ransomware attacks during the first

quarter of 2016, a 24 percent increase compared to the fourth quarter of 2015



A Kaspersky study during 2014 and 2015 found that total ransomware attacks

during the period of the analysis increased by 17.7 percent, but that cryptoware

variants had increased by 448 percent during that period



A US government interagency document published by the US Department of

Justice in 2016 reported that in excess of 4,000 ransomware attacks have

occurred each day since the first of the year, a 300 percent increase compared to 2015



Attackers receive an estimated 1,425 percent return on investment for exploit kit

and ransomware schemes ($84,100 net revenue for each $5,900 investment),

according to the 2015 Trustwave Global Security Report.


History of RansomWare


Protect Against RansomWare