CYREN Blog

 

Ransomware — Protect Yourself or Pay

by Dan Maier

Filed under Email Security, Phishing, Ransomware, Web Security.

Ransomware

Locky Ransomware in 2016

Ransomware has surged dramatically this year with the launch of a new variant called “Locky.” Delivered via massive malicious spam blasts (malspam), Locky represented 40% of all malware distributed worldwide during the first quarter of 2016.

And as these attacks have become more sophisticated, attackers are increasingly targeting businesses and organizations that have deeper pockets. So far, law enforcement has been helpless to stop these threats, IT teams are struggling and failing to protect their organizations, and attackers are raking in the money.



As a result, we (and everyone else in the market) expect dramatic growth in ransomware over the next year - as a matter of fact, we’re already seeing it:

  • Ransomware distribution is expanding from malspam email blasts to a number of well-known exploit kits that deliver the malware via the web on compromised websites or malvertising.
  • The evolution of each ransomware variant is happening quite quickly as well - the Locky virus changed its payload format from malicious macros in MS Office files, to obfuscated javascript in zipped files within 30 days of the first malspam outbreak.
  • Ransomware is evolving to go after targets that are traditionally more difficult to compromise and monetize, including smartphones and Mac computers.

How to Protect your Business

These attacks can seriously impact your business, and legacy security technologies are notoriously bad at stopping these threats. In order to defend yourself, you need to take a look at advanced cloud gateway and endpoint security across both email and web channels, incorporating advanced security technologies like sandboxing, outbreak detection, IP reputation, and machine learning. 

To learn what you can do to prevent your business from being victimized by ransomware, check out our recent webinar on that topic (see link below). And for deeper technical dives, see the blogs below, and sign up for our upcoming "deep dive" on Locky by our security research team on May 17: