Kaspersky: Ransomware doubled last year, shifted focus to enterprise

Malware escalation and a massive rise in CryptoLocker attacks were among the cybersecurity headlines for 2015, Kaspersky said in a year-end overview.

Kaspersky report corporate malware ransomware

A majority of PCs in the workplace were struck by “at least one attempted malware infection” last year, cybersecurity company Kaspersky said in an overview of corporate threats observed throughout 2015 released last month.

Well over half, or 58%, of PCs were infected. That’s a gain of 3% over 2014.

Meanwhile, CryptoLocker attacks doubled, Kaspersky says in its press release about the report.

CryptoLocker attacks are when a trojan-infected PC user receives a ransom demand to decrypt files, stop a denial of service attack, or other onerous result if the ransom isn’t paid.

And “cybercriminals don’t always honor the agreement once the ransom has been paid,” Kaspersky says.

Big trouble this year?

Research continues to suggest that cybersecurity will be a big issue in 2016.

One in three “business computers were exposed at least once to an Internet-based attack” last year, Kaspersky estimated.

And the enterprise is currently the focus of these assaults. Office-oriented applications were exploited “three times as often as in consumer attacks,” Kaspersky says in the release.

Not an accident

Unlike hacking of old, today’s hackers have been gathering intelligence on target companies.

“These attacks were found to be carefully planned, with cyber-attackers taking time to investigate a target company’s contacts and suppliers, and even the personal interests and browsing habits of individual employees,” according to the security outfit.

In other words, it’s no longer just kids in bedrooms with a laptop and too much time on their hands.

Mobile increasing too

USB sticks and other local threats, such as media devices, also increased last year.

A 7% uptick in the Android arena emerged as more hackers realized data was attainable off mobile devices as well as the traditional PC in the work environment.


The ransomware trojans, called CryptoLocker, were detected on over 50,000 machines in the corporate environment in 2015. That was twice the rate found in the previous year, and more than on consumers' devices.

The reason for the enterprise-weighted targeting? It’s probably because corporate powers are more likely to pay the ransom with no questions asked. Individuals could be more inclined to put up an argument—or just give up.

It’s the money

Banks, investment funds, and financial instrument handlers like exchanges were hit hard, Kaspersky says. It reckons one hacker group raked in $2.5 million to $10 million per successful attack.

It wasn’t just traditional banks facing losses, though. Bitcoin was targeted heavily too, Kaspersky writes.


Kaspersky, as one might expect, reckons its products help. It says that over 11,000 attempts to infiltrate Point-of-Sale terminals in 2015 were blocked by Kaspersky products.

Seven “families of programs designed to steal data from PoS terminals” were brand new in 2015. The security outfit thinks that there are currently 10 “families” of programs hunting for access to the terminals.

Moving on

Just like their corporate brethren, hackers have started to operate by hedging and diversifying.

The Chinese Advanced Persistent Threat (APT) is one that has “switched targets from companies involved in computer games to those in pharmaceuticals and telecommunications,” Kaspersky says.

APTs are stealthy and continuously exploiting processes run over a period of time.

The Winnti Group is also diversifying. It’s gotten into pharmaceuticals.

Cat and mouse

And where’s it all headed this year, one might ask? Well, enterprises are now taking security more seriously. There are probably fewer IT employees who aren’t viewing it as a risk now.

And that likely means law enforcement is catching on, too. So expect more nabs if the cat gets the mouse.

“We expect tougher safety standards from regulators, which could lead to more cybercriminals being arrested in 2016,” Yury Namestnikov, senior security researcher at Kaspersky Labs, says in the press release.

This article is published as part of the IDG Contributor Network. Want to Join?

Must read: Hidden Cause of Slow Internet and how to fix it
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies