Connect with us

Hi, what are you looking for?


Security firm warns of rise in ransomware attacks in PH

The number of users attacked worldwide with encryption ransomware is soaring, with 718,536 users hit between April 2015 and March 2016: an increase of 5.5 times compared to the same period in 2014-2015, according to Kaspersky Lab.

While the Philippines is not among the top 10 most attacked countries, data from Kaspersky Lab showed the number of crypto-ransomware attacks against Filipino users increased from 10,256 in April 2014-March 2015 to 10,414 in the same period in 2015-2016.

This means the country has experienced a 1.54% increase on crypto-ransomware attacks in just a year.

In terms of the share of users attacked with encryption ransomware as a proportion of users attacked with any kind of ransomware, the Philippines soared from 4.04% last 2014-2015 to 32.68% from April 2015-March 2016.

Advertisement. Scroll to continue reading.

“These figures uncover the reality that the threat of crypto-ransomware exists not only in developed countries but also in emerging nations like the Philippines,” warns Anthony Chua, Territory Channel Manager for the Philippines and Singapore at Kaspersky Lab Southeast Asia.

“Kaspersky Lab strongly suggests not to pay the ransom but most of all, every Filipino must be cyber-savvy enough to avoid this kind of stealthy and costly threat. Always remember that prevention is better than cure, even in cybersecurity.”

The goal of crypto ransomware is to encrypt your critical data — such as documents, pictures or videos — while leaving more basic computer functions untouched. This generates a sense of panic, because you can see your files, but you can’t access them.

Crypto creators often include a countdown in their ransom demand: If you don’t pay by the deadline, all your files will be deleted.

The irreversible consequences of this kind of malware infection, along with the high value data that is being encrypted by ransomware tempts victims to pay for decryption, which in turn draws more cybercriminals into the business.

Advertisement. Scroll to continue reading.

An epidemic

It’s no secret that crypto-ransomware, which encrypts data on users’ systems has become a huge problem for cybersecurity over the last few years. It has become so widespread that it could easily be called an epidemic.

In order to accurately understand its scale, Kaspersky Lab has researched how the ransomware threat has evolved over a period of 24 months.

The total number of users encountering any type of ransomware between April 2015 and March 2016 increased by 17.7% compared to the period April 2014 to March 2015 – from 1,967,784 to 2,315,931 users around the world.

The number of users attacked with crypto-ransomware rose 5.5 times, from 131,111 in 2014-2015 to 718,536 in 2015-2016.

Advertisement. Scroll to continue reading.

The share of users encountering ransomware at least once as a proportion of the total number of users encountering malware rose 0.7 percentage points, from 3.63% in 2014-2015 to 4.34% in 2015-2016.

The share of users encountering crypto-ransomware as a proportion of those encountering ransomware rose dramatically – up 25 percentage points, from 6.6% in 2014-2015 to 31.6% in 2015-2016.

The number of users attacked with blockers (ransomware that locks screens) decreased by 13.03%, from 1,836,673 in 2014-2015 to 1,597,395 in 2015-2016.

Germany, Italy and the US are the countries with the highest percentage of users attacked with encryption ransomware.

“The biggest problem with crypto-ransomware today is that sometimes the only way to get the encrypted data back is to pay the criminals, and victims tend to pay,” says Fedor Sinitsyn, Senior Malware Analyst at Kaspersky Lab.

Advertisement. Scroll to continue reading.

That brings a lot of money into the underground ecosystem that has grown up around this malware, and as a result we are seeing new cryptors appear almost daily. Companies and regular users can protect themselves by implementing regular backups, using a proven security solution and keeping themselves informed about current cybersecurity risks. The ransomware business model seems to be profitable and safe for criminals, and the security industry and users can change that just by implementing these basic measures.”

Tips against crypto-ransomware

While crypto-ransomware is one of the most dangerous types of malware ever created, and the consequences of it can be very severe, we at Kaspersky Lab believe that there are ways to protect yourself or your organization against this threat.

Tips to consumers:

  • Back-up is a must. The sooner back-up becomes yet another rule in your day-to-day PC activity, the sooner you will become invulnerable to any kind of ransomware.
  • Use a reliable security solution. And when using it do not turn off the advanced security features which it most certainly has. Usually these are features that enable the detection of new ransomware based on its behavior.
  • Keep the software on your PC up-to-date. Most widely-used applications (Flash, Java, Chrome, Firefox, Internet Explorer, Microsoft  Office) and operating systems (like Windows) have an automatic updates feature. Keep it turned on, and don’t ignore requests from these applications for the installation of updates.
  • Keep an eye on files you download from the Internet and receive via email. Especially from untrusted sources. In other words, if what is supposed to be an mp3 file has an .exe extension, it is definitely not a musical track but malware. The best way to be sure that everything is fine with the downloaded content is to make sure it has the right extension and has successfully passed the checks run by the protection solution on your PC.
  • If, for some reason your files are encrypted with ransomware and you are asked to a pay a ransom, don’t pay. Every bitcoin transferred to the hands of criminals builds their confidence in the profitability of this kind of cybercrime, which in its turn leads to the creation of new ransomware. At the same time, a lot of security companies, including Kaspersky Lab fight ransomware on daily basis. Sometimes it is possible to create a decryption tool for certain kinds of ransomware, and sometimes as a result of cooperation with law enforcement agencies, it becomes possible to get the encryption keys for certain families of ransomware, which can eventually lead to decryption of your files. Last but not least: the creation, spreading and demanding of a ransom for decryption are all actions that are defined as criminal in most countries around the globe. Report an attack to the police in order to start an investigation.

Tips to businesses

  • Back-up is a must. Upon the infection of your corporate PCs, the ransomware is likely to start encrypting files that are required for the daily work of your company. If it is technically impossible to back-up all the files you have in the corporate network, choose the most critical (accounting documents, clients’ data, legal documents etc.), isolate them and back-up regularly.
  • Use a reliable, corporate-grade security solution and don’t switch off its advanced features, as these enable it to catch unknown threats.
  • Undertake regular patch management.
  • Educate your personnel: very often the ransomware infection happens due to a lack of knowledge about common cyberthreats and the methods criminals use to infect their victims.
  • Avoid paying a ransom and report the attack to police.

Advertisement. Scroll to continue reading.

Like Us On Facebook

You May Also Like


For the first time ever last year, companies across the world rushed to pivot online as the pandemic spread across the world. In a...


Among messenger services, users are most concerned with the WhatsApp security level - the share of requests about its security policy was 13.9%.


Kaspersky researchers have discovered that the Russian-speaking threat actor Turla has revamped its toolset — wrapping its famous JavaScript KopiLuwak malware in a new...


Cyber security solutions provider Kaspersky detected 31-million online threats in the Philippines from January to December last year, of which 82.46% were directed from...


The global cybersecurity company’s enterprise service has risen to the top as it earns this year’s Cybersecurity for IT Services award.


The problem of proper access to work assets is also highlighted by the fact that just under a third (29%) of workers admit to...


Organizations that outsource IR can establish the processes faster, as an external IR team is always on hand to step in and resolve an...


Kaspersky Lab experts detected a blast of sophisticated spam emails in the first quarter of 2019, featuring fake job offers that seemed to come...