The hackers spreading ransomware are getting greedier. In 2016, the average ransom demand to free computers hit with the infection rose to US$1,077, up from $294 the year before, according to security firm Symantec.
“Attackers clearly think that there’s more to be squeezed from victims,” Symantec said in a Wednesday report.
In addition, the security firm has been detecting more ransomware infection attempts. In 2016, the figure jumped by 36 percent from the year prior.
That doesn’t bode well for the public. Ransomware is notorious for taking over computers, and essentially holding them hostage. To do so, the malicious coding encrypts all the data inside, and then demands a fee, usually in bitcoin, in exchange for releasing the machine.
In 2016, consumers made up 69 percent of all ransomware infections, with the remainder targeting enterprises, according to Symantec.
“More and more attackers are now jumping on the ransomware bandwagon and creating new ransomware families or modifying existing ones,” the security firm said.
Helping to fuel the ransomware boom is the digital black market, where hackers can sell ransomware kits as little as $10 and as much as $1,800, making it easier for other cybercriminals to join in.
Fortunately, ransomware attacks can also be easily dodged. Consumers, for instance, should be wary around email spam, which remains the popular way for hackers to spread ransomware, Symantec said.
Symantec Ransomware detections by country in 2016.
Cybercriminals will often bundle their emails with attachments that can secretly download the ransomware onto a computer, if the emails are opened. “In many cases, the victim would receive a spam email designed to appear like an invoice or receipt from a company,” Symantec said.
Bad actors will also spread ransomware through exploit kits, or automated hacking toolsets, that operate on tampered websites. The kits can work by scanning a victim’s web browser for any unpatched software vulnerabilities and then exploiting them to serve ransomware.
To prevent the infections, users should keep their computer’s software up to date. That includes any publicly facing servers. In one case, hackers spread ransomware to a business by compromising a server through an unpatched vulnerability, Symantec said.
The security firm also advises users to delete any suspicious-looking emails, especially those that contain attachments or any links.
If a ransomware attack does strike, businesses can lessen the threat, if they’ve backed up their most important data. There are also free tools on the internet that can decrypt certain ransomware infections.
Symantec’s report found that 34 percent of victims do pay the ransom. However, only 47 percent reported getting their files back.