In a recent report, Security firm Kaspersky Lab revealed that ransomware attacks on both PC and mobile devices have risen to epidemic level.
Ransomware is defined as a type of malware that prevents victims from accessing information on their PC or mobile devices. These malwares encrypt important files or sometimes lock the computer and force the user to pay a ransom in return for gaining back access their system.
Kaspersky reported that from April 2015 to March 2016, over 2.3 million PC users around the world encountered ransomware, 17.7% than the year before. The top five countries affected by PC ransomware in 2015 were India (9.6%), the Russian Federation (6.41%), Kazakhstan (5.75%), Italy (5.25%) and Germany (4.26%).
Ransomware is rapidly moving from PC to Mobile, then IoT
Mobile ransomware also skyrocketed, almost four times, from over 35,000 attacks, for the period of April 2014 to March 2015, to more than 136,500 a year later.
The top five countries affected by mobile ransomware last year were Germany (22.90%), Canada (19.61%), the United Kingdom (16.13%), the United States (15.64%) and Kazakhstan (14.42%).
“The extortion model is here to stay. Mobile ransomware emerged as a follow-up to PC ransomware and it is likely that it will be followed-up with malware targeting devices that are very different to a PC or a smartphone,” said Roman Unuchek, mobile security expert at Kaspersky Lab. And any connected device with an Internet address is at risk.
Early this year, the Federal Bureau of Investigation (FBI) warned the public about the ransomware internet scam. To protect yourself from ransomware attacks, the FBI recommends the following preventive measures:
- Conduct regular system back-ups and store the backed-up data offline
- Filter out e-mails with .exe attachments
- Update antivirus software
- Enable automated patches for your operating system
- Have strong passwords
- Use a pop-up blocker
- Only download software from sites you know and trust
- Don’t open attachments in unsolicited e-mails and never click on a URL contained in an unsolicited e-mail