Ransomware attacks continue to be popular
The recent ransomware attack against the NHS caused millions of pounds worth of damage – and put countless lives at risks when operations and general treatment had to be delayed. Despite the chaos, security experts believe that the criminals behind the attack made just $100,000 in the week after infection.
Ransomware attacks continue to be popular with hackers, so economists and researchers at the University of Kent have been studying the technique to try and understand what makes it successful.
Relatively high expectations of success
According to the research, cybercriminals expect around 50% of people to pay the ransom once infected. However current attacks are relatively unsophisticated because every infected machine is hit with the same ransom – in the case of the WannaCry attack, users were asked for between $300 and $600 to recover their files.
For cybercriminals, this scattergun approach relies on at least half of their victims believing their files to be worth more than $300. The researchers note that many people believe their information is worth less, while others do not believe that paying the ransom will fix the problem anyway.
Expensive computers will become high-value targets
In future, analysts expect malware to become more “aware”. The next generation of ransomware will detect the type of machine infected, and create a ransom demand based on the perceived value of the computer. Logically the owner of a high-end Apple computer worth £2000 plus is likely to have more money available than someone using a £250 Asus laptop – so their ransom demand will be far higher.
Implementing sliding scales in this way increases the likelihood of securing a payment and maximises profitability in the process. If you have a top-end computer, you are much more likely to be targeted by cybercriminals in future.
Women are much more likely to pay up
Researchers also discovered that women are much more likely to give into a cybercriminal’s demands. Their study concluded that women would spend an average of £326 to regain access to their encrypted data; men were willing to pay much less – just £233.
Cybercriminals can use this information in two ways. First, they could better target their malware attacks, using social engineering to identify women and infecting their computers directly.
Second, the malware could use an intelligent algorithm to assess whether an infected computer belongs to a man or a woman. This could then be used to adjust the ransom automatically to a level where it is most likely to be paid according to gender.
International differences
A very recent study suggests that people based in the US are slightly more likely to fall victim to ransomware simply because they don’t know what it actually is. When questioned, just 37% of users in the US were able to give an accurate definition’ in the UK the recognition was only slightly better at 42% (before the WannaCry attack).
Age is important
Most of us tend to assume that older people are more likely to fall victim to scammers because they are unfamiliar with technology. The Better Business Bureau have turned this assumption on its head however.
Their research shows that 69% of victims are aged under 45. Drilling further into the results, millennials (aged between 25 and 34) were three times more likely to be scammed than the over-55s.
Anti-malware is the key
The fact is that ransomware continues to evolve, becoming more sophisticated with every new variant. If the researchers are correct, certain groups of people are more likely to be targeted.
Regardless of whether you are in one of these vulnerable groups or not, you will still need to protect yourself – other cybercriminals will still use the current scattergun approach to catch as many people out as they can. The key is to have an effective, regularly updated anti-malware tool installed to protect your computer against infection.
Get started today – download your free trial of Panda Security Gold Protection now.
3 comments