3,500% increase in ransomware domains in Q1 2016

ddos-attack-protection-planRansomware – malware that encrypts unsuspecting users’ files until they pay a fee for the decryption key, usually payable in Bitcoin – has been enjoying a boom in the last few months, with new strains emerging weekly. Indeed, one site analysing ransomware strains now lists nearly 130 current variants.

Ransomware now represents 60% of malware

New research shows just how big the ransomware boom has been. Infoblox’s DNS Threat Index for Q1 2016 has determined that there was a 3,500% increase in ransomware domains in Q1 2016, compared with Q2 2015, “propelling it to account for 60 percent of the entire malware category.”

Attacks on businesses increase

The main reason for this upsurge is the shift from attacks on individuals to attacks on businesses. Infoblox explains: “What has changed over the past quarter or two is a shift from small-dollar heists targeting consumers to larger, more profitable attacks on commercial entities.”

The criminal appeal of ransomware

This is hardly surprising. Ransomware is easy to spread – most often via exploit kits such as Angler, RIG and Neutrino, which rely on both phishing and drive-by cyber attacks to claim victims – and generates a good return on investment for cyber criminals, with the majority of victims opting to pay.

News stories of successful ransomware attacks have encouraged other attackers to join the ransomware racket. In 2016, high-profile incidents – such as attacks on hospitals, police forces and councils – have regularly featured in the news, as a glance through our blog archives will confirm.

Best-practice approach to ransomware mitigation

The ransomware threat isn’t going away. As Infoblox concludes: “Unless and until companies figure out how to guard against ransomware – and certainly not reward the attack – we expect it to continue its successful run. Fortunately, as with any malware, prevention is well understood: tight security measures, up to date software, user best practices and clean, protected backup data.”

All of these are covered by the international standard for information security, ISO 27001.

An ISO 27001-compliant ISMS (information security management system) provides a risk-based approach to data security that can be applied across the firm and throughout the supply chain. Once your ISMS has been certified to the Standard you can insist that third-party contractors and suppliers also achieve certification, helping secure your supply chain. As well as improving your cyber security, the external validation offered by ISO 27001 certification is likely to increase your organisation’s business efficiency while providing a higher level of confidence to customers and stakeholders, as well as allowing you to meet your legal, contractual and regulatory data protection obligations.

Help towards ISO 27001 certification

IT Governance has been helping organisations of all sizes and locations implement ISO 27001 for well over a decade. Whatever you want to know, and whatever resources you need, we’re your single source for everything to do with ISO 27001 – from the Standard itself to booksdocumentation toolkitstraining coursesconsultancy and software to help you implement an ISMS in your organisation.

Starting at just £380, our ISO 27001 Packaged Solutions combine all of these resources in fixed-price packages to suit all needs. Click here for more information on ISO 27001 >>

Blog banner 27k