US remains the country most affected by ransomware
Cyber attackers have found their extortion sweet spot.
Key findings from a special report into internet security reveal individuals and businesses in the United States continue to be the most heavily afflicted by ransomware blackmail and threats.
Norton by Symantec’s Internet Security Threat Report – Ransomware 2017 found globally, ransomware infection numbers have persisted to rise this year, primarily as a result of the WannaCry and Petya viruses.
More than any other individual country, the United States remains the most affected by ransomware attacks.
The research report reveals 34% of victims will pay the ransom demanded by their antagonist. This proportion rises to 64% of victims in the US, affording an indication as to why the country is so heavily targeted.
However, the United States’ share of ransomware infections fell from 34% in 2016 to 29% in the first half of 2017. Comparatively, no other region on the top 10 most-affected list moved more than 1%.
Interestingly, during 2016 the average ransom demand increased from US$294 to $1,077. Since then, the average has declined and, for the first half of this year, the average demanded amount has fallen to US$544.
While this is half the figure commanded during 2016, it’s still 85% higher than in 2015. The report suggests that, after a period of experimentation, attackers have settled on US$500 as the “sweet spot” for payment threats.
In the past, individuals had been the primary focus for ransomware attacks. However, during the first six months of 2017, organizations accounted for 42% of all infections, up 30% year-on-year. This dramatic shift was mainly attributed to the rapid spread of the disastrous and destructive WannaCry and Petya viruses.
Norton lists Cerber, Jaff, Sage, GlobeImposter, Locky and Mamba as the biggest ransomware threats right now.
The antivirus software company suggests both individuals and businesses adopt a multi-layered, preventative approach to security in order to contain and reduce the likelihood of ransomware infection.