The serious threat posed by the latest version of Ransomware has been confirmed by the FBI.–PC Pitstop
Latest Ransomware Targets Businesses
By Stu Sjouwerman, for KnowBe4.com Security Awareness Training
The latest version 3.0 of CryptoWall, descendant of the infamous CryptoLocker, is the most advanced and most damaging ransomware in the wild at the moment, specifically targeting U.S. businesses and individuals. We have been sounding the alarm about CryptoWall in CyberheistNews since last year, and its magnitude is now confirmed by law enforcement.
The FBI, through their Internet Crime Complaint Center (IC3), released an alert on June 23, 2015 that between April 2014 and June 2015, the IC3 received 992 CryptoWall-related complaints, with victims reporting losses totaling over $18 million. And that is only the reported part, the estimate is that the actual infections are at least two or three times more. Going by the reported incidents only, it’s a $70 million per year criminal enterprise, but in reality it looks more like $200 million which is unbelievable.
Some quick math shows $18,145 in costs per victim, caused by network mitigation, network countermeasures, loss of productivity, legal fees, IT services, and/or the purchase of credit monitoring services for employees or customers. As you can see, the total costs of a ransomware infection goes well above just the ransom fee itself, which is usually around $500 but can go up to $10,000.
The four infection vectors sorted by frequency:
Phishing email with infected attachment
Phishing email with malicious URL
User clicks on infected ad
User visits infected website