AV-Test: Ransomware is a 'Marginal Phenomenon'
Ransomware didn’t even comprise 1% of all Windows malware in 2016, rendering it a “marginal phenomenon” despite causing mass disruption, according to a new report from the AV-Test Institute.
The German comparative testing outfit claims to scan more than three million files per day, making its AV-Test Security Report a comprehensive round-up of recent trends.
It had this:
“There is no indication based on proliferation statistics that 2016 was also the ‘year of ransomware’. Comprising not even 1% of the overall share of malware for Windows, the blackmail Trojans appear to be more of a marginal phenomenon.”
However, this class of malware doesn’t need to be distributed en masse like traditional viruses, instead using “highly-complex, state-of-the-art encryption protocols”, “sophisticated server infrastructure” for key generation and management, and a targeted approach for maximum effect.
The report added:
“Ransomware involves ‘high-tech malware’, which seeks its victims above all in a targeted business environment. For instance, emails infected with ransomware are sent out almost exclusively on weekdays, as proven by the measurement results of the AV-TEST systems.”
Public sector organizations, healthcare, and retail were some of the most popular targets for ransomware authors, with infections usually triggered by email attachment with a social engineering lure.
Elsewhere there was relatively good news for Microsoft, as the overall volume of Windows malware AV-Test encountered fell by 15% from 2015 to 2016, while macOS and Linux malware both tripled and Android malware doubled.
The bad news continued for Apple with Q1 2017 figures confirming macOS malware doubled in the first four months of the year.
However, AV-Test also claimed that Windows malware is on the rise again this year, jumping 7% “compared to the annual value of the previous year”.
An average of 350,000 new malware programs were discovered every day in 2016; that is, roughly four new malware samples per second.
Source: Information Security Magazine