Europol reports rise in ransomware attacks

Global ransomware attacks have steadily increased over the past five years reports Europol, the European police agency, with criminals “lured by the promise of profit and ease of implementation.”

However, more businesses have responded by signing up to a cross-industry anti-ransomware initiative launched last year.

Europol cited a report issued last month by cybersecurity specialists Kaspersky Lab, which showed the total number of users who encountered ransomware between April 2016 and March 2017 increased by 11.4% year-on-year, from 2,315,931 to 2,581,026 worldwide.

The period pre-dates the WannaCry attack in May this year, which Europol said had affected more than 300,000 businesses across 150 countries in its first few days.

The attack, using a type of malware that encrypts files on an infected computer and demands money to unlock them, crippled “critical infrastructure and businesses”, Europol said. The perpetrators then demand payment of a ransom, usually in bitcoin, to restore the data to its unencrypted form.

A further attack followed last month across Europe and North America, which was revealed to be from an updated version of a malware called Petya. “Some organisations are still struggling to recover from ExPetya attacks of 27 June,” said Europol.

Initially assumed to be a further ransomware incident, some researchers believe the main purpose of Petya attack was to install new malware on computers at commercial and government organisations in Ukraine.

Consumer goods group Reckitt Benckiser, which was among businesses hit by Petya, reported earlier this week that it had halted production, shipping and invoicing at a number of its European locations and sales in the current year would be hit.

Europol’s report marked the first anniversary of the launch of an initiative named ‘No More Ransom’, which it developed in partnership with the Dutch National Police, McAfee and Kaspersky Lab

The No More Ransom online portal aims to assist victims of ransomware in recovering their data and raise awareness about the dangers of ransomware. It is now available in 26 languages. Europol has posted 54 decryption tools, provided by nine partners and covering 104 varieties on ransomware, on the website. These have helped “decrypt more than 28,000 devices, depriving cybercriminals of an estimated €8m in ransoms”.

The initiative has signed up more than 100 partners in its first year, with recent additions including Barclays, the cyber security agency of Singapore and law enforcement agencies in the Czech Republic, Greece, Hong Kong and Iran.

The No More Ransom portal attracted 1.3m unique visitors in its first 12 months, with a peak of 150,000 using the site on 14 May, when the WannaCry crisis struck. Europol described the initiative as a shared success that could not be achieved by law enforcement or private industry alone.

“However, prevention is no doubt better than cure. Internet users need to avoid becoming a victim in the first place,” the agency added.

It again urged businesses to ensure that security on all computer systems was updated and stressed that those attacked should not pay any ransom demand but alert the police. “By joining forces, we enhance our ability to take on the criminals and stop them from harming people, businesses and critical infrastructure, once and for all.”

44 views

Related reading