Ransomware Increasingly Targets Businesses Instead of Consumers

In terms of impact and scale, 2017 is shaping up as a milestone year for ransomware, with multiple high-profile incidents including the WannaCry and NotPetya attacks. According to the Symantec Internet Security Special Report (ISTR) on Ransomware released Aug. 30, ransomware is on track this year to set new records for the number of infections. The 35-page report reveals that in the first six months of 2017, Symantec had already blocked 319,000 ransomware infections. Prior to this year, ransomware was mostly a consumer-facing problem representing 70 percent of reported infections. So far in 2017, it appears that cyber-criminals are shifting their aim, with 58 percent of ransomware infections impacting consumers and 42 percent hitting enterprises. In this slide show, eWEEK looks at some of the highlights of the Symantec ISTR Ransomware 2017 report.

In the first six months of 2017, Symantec blocked 319,000 ransomware infections, putting the year on pace to eclipse the 470,000 infections blocked in all of 2016.

Although the number of infections is growing, there are fewer new ransomware families. In the first six months of 2017, Symantec discovered only 16 new ransomware families.

The largest ransomware incident so far this year has been the WannaCry attack, which employed an exploit known as EternalBlue. At its peak, Symantec was blocking more than 100,000 exploit attempts per hour.

In 2015 and 2016, at least 70 percent of all blocked ransomware attacks were on consumer devices. So far in 2017, the amount has dropped to 58 percent, as ransomware such as WannaCry increasingly takes aim at enterprises.

The average ransomware demand to this point in 2017 is $544, which is down from the average of $1,071 in 2016.

While ransomware is a global problem, computers and businesses in the U.S. are a favorite target, representing 29 percent of all infections seen by Symantec.

A study by Symantec’s Norton Cyber-Security Insight team found that 34 percent of ransomware victims globally pay the ransom demand. In the U.S., that figure rises to 64 percent of victims.