9.1% of all ransomware-infected emails detected by Bitdefender in 2015 have targeted UK users. Furthermore, 54% of all malware files targeting the UK contained some form of ransomware.
The ransomware problem has continued to catch users off guard this year, especially since recent iterations of extortion-based malware, such as CryptoWall 4.0, have grown increasingly hard to detect; and almost impossible to stop.
In order to determine the percentage of ransomware sent globally targeting specific countries, Bitdefender calculated the number of ransomware infections per country split by the number of global ransomware infections. As a result, 9.1% of all ransomware-infected emails targeted the UK, second only to the US, targeted by 21.2% of all malicious email infections.
In June 2015, the FBI issued a warning recognising CryptoWall “as the most current and significant ransomware threat targeting U.S. individuals and businesses.” Bitdefender reports show that 61.8% of all malware files targeting US internet users contained some form of ransomware: mostly Cryptowall, CryptoLocker and other iterations.
This means hundreds of thousands of users received and opened a ransomware-infected email message in 2015. The US is closely followed by France (55.8%); the UK (54.5%); Romania (50.2%); Australia (47.9%); Denmark (42.3%) and Germany (30.2%).
“These numbers show that ransomware masterminds have made countries such as the UK and US priority targets to attack, most likely because they consider both to be highly profitable markets,” states Catalin Cosoi, Chief Security Strategist at Bitdefender. “In 2015, the creators of the notorious CryptoWall ransomware have managed to extort more than $325 million from US victims. We also have to consider the use of sophisticated encryption algorithms that often leave victims no choice but to pay the ransom. In some cases, the FBI itself has encouraged companies to settle the ransom.”
Ransomware is on the rise and in 2016 the threat is expected to spread to multiple platforms. Linux ransomware will become more refined and may leverage known vulnerabilities in an operating system’s kernel to get deeper into the filesystem. Botnets to brute force login credentials for content management systems may also become larger in 2016. These credentials could be then used by Linux ransomware operators to automate encryption of a significant part of the internet.
Leveraging its 15 years of experience successfully fighting malware, Bitdefender has made significant technology advances in detecting and blocking this sophisticated breed of malware, which will undoubtedly continue in 2016.