Ransomware Attacks Rise 250 Percent in 2017, Hitting U.S. Hardest

ransomware wannacry bitcoin ransom kaspersky
A screenshot shows a WannaCry ransomware demand, provided by cybersecurity firm Symantec, in Mountain View, California, on May 15. Symantec/Handout via REUTERS

Updated | Mobile ransomware has risen by over 250 percent during the first few months of 2017, according to a report Monday by the security firm Kaspersky. The publication of the cybersecurity statistics, which revealed that the U.S. is the country worst affected by the issue, comes as experts warn of a ransomware epidemic in the wake of the WannaCry cyberattack.

The Kaspersky Lab Malware Report for the first quarter of this year revealed that the number of mobile ransomware files detected had reached 218,625, compared with 61,832 in the previous quarter. Devices compromised by ransomware mean the owner must pay a ransom in order to recover their data.

The threat is most often associated with computers, but Roman Unuchek, a senior malware analyst at Kaspersky, said the report should serve as a reminder that attackers are not only targeting PCs but also mobile devices. “The mobile threat landscape for ransomware was far from calm” during the first three months of 2017, he said. “Ransomware targeting mobile devices soared, with new ransomware families and modifications continuing to proliferate.” mobile Ransomware map 2017 kaspersky Geography of mobile Trojan-Ransomware in Q1 2017. Kaspersky Lab

A separate report on Monday by Cybersecurity Ventures predicted that ransomware damage costs would exceed $5 billion in 2017. This takes into consideration the damage of several factors beyond just the cost of the ransom, including the loss of data, downtime and lost productivity.

The WannaCry ransomware attack that hit the U.K.’s National Health Service earlier in May, as well as thousands of other organizations and businesses around the world, was one of the most widespread ransomware attacks that has ever taken place. The estimated damage it caused could exceed $1 billion, according to the report, despite only around $100,000 in bitcoins having so far been paid in ransoms to the perpetrators.

So few of the ransoms being paid suggests that most victims were able to come up with their own solutions, though it remains unclear whether any of the victims that paid the ransom had access to their data returned.

At a recent roundtable event in London to discuss the implications of WannaCry, security experts described ransomware as the “go-to method of attack” for cybercriminals and “the epidemic of our time.”

Speaking to Newsweek, Hatem Naguib, a senior vice president at security firm Barracuda, says the scourge had been predicted as far back as 2014. “Ransomware has been around for 30 years or so, but it’s really become a major problem in recent years. Will WannaCry be a watershed moment and a wakeup call for businesses and the cybersecurity industry? Only time will tell.”

Correction: An earlier version of this story mistakenly said ransomware attacks rose by 350 percent. They rose by 250 percent.