There was one known ransomware family variant in 2012, according to F-Secure’s State of Cyber Security 2017 report. By 2015, there were 35 variants of the online threat, which infects your computer and holds your files hostage for ransom. That number exploded to 193 in 2016.
This eruption of ransomware development doesn’t make it much more difficult to defend against the threat.
“Even though ransomware families are growing at an extremely fast pace, they still all use the same sort of ‘delivery systems’ – spam and/or exploit kits,” F-Secure Security Advisor Sean Sullivan told me. “It’s at the front end that we aim to defend our customers first. Besides that, we aim to produce generic detections of bad behavior in our Internet security products including SAFE. All Macro-based threats are bad, and blocked, regardless of what family it’s pushing.”
It does provide a slight hindrance for the Labs’ analysis efforts.
“What the growth makes difficult, is tracking and reporting,” he said. “We see from our data that we’re generically blocking ransomware, but we may end up losing some visibility on which particular family was blocked. But that’s a particular tradeoff rather worth making.”
Tracking the families offers a sense of both the pervasiveness of the threat and the criminals who might be behind a particular piece of malware.
This subway-style map gives you a decent sense of how onerous a task that has become:
So how can we stop ransomware in its tracks?
Unfortunately, there is no simple solution. Every potential path requires either a historic step or something resembling a miracle. Here are four unlikely ways the ransomware explosion could be stopped cold, or at least slowed to a slower, smoldering explosion.
[Image by Marco Verch via Flickr]