According to senior malware analyst at Kaspersky Lab, Anton Ivanov, out of the 62 crypto ransomware families discovered by the company’s researchers in the past year, 47 of them were developed by Russian or Russian-speaking people.
“This conclusion is based on our observation of underground forums, command and control infrastructure, and other artefacts which can be found on the web. It is hard to draw strong conclusions on why so many of the ransomware families out there have a Russian origin, but it is safe to say that this is because there are a lot of well-educated and skilled code writers in Russia and its neighboring countries,” Kaspersky’s analysis reads.
Kaspersky data shows that all ransomware families attacked more than 1.4 million people around the globe in 2016, which is a massive number of people who have either paid up to get their data back or said goodbye to their files altogether. And, keep in mind, 75% of those ransomware variants used for these attacks were made by Russian-speakers.
Of course, there are ways to bypass ransomware, from free decryption tools for certain variants to initiatives such as No More Ransom which will offer free help to those seeking to get rid of the spies on their devices.
The new old tool of cyber criminals – ransomware
Analyzing the attack stats for 2016, Kaspersky further noticed that a regular user was attacked with encryption ransomware on average every 10 seconds, while organizations were hit about every 40 seconds.
The frequency of attack has grown considerably over the past few years, and we’re even noticing spikes throughout the year. Ransomware is by no means a new type of malware out into the wild; it’s been around for over a decade. Hackers are now discovering, however, just how much more profitable it can be to use this type of attacks.