Ransomware Up 35X in Q1

Hacker with money

A new security index shows new cyberthreats that partners will want to watch.

The latest report from the Infoblox DNS Threat Index concludes that ransomware domains increased by a factor of 35 in the first quarter of 2016. Ransomware seizes data and doesn’t return it until the victim pays for decryption.

Infoblox's Rod RasmussenOther studies agree with Infoblox that the costs of ransomware are rising. The FBI, for one, says the malware led to a collective loss of $209 million in the latest quarter of 2016 as opposed to $24 million for the entirety of 2015. Infoblox Vice President of Cybersecurity Rod Rasmussen said cybercriminals are taking advantage of the opportunity.

“There has been a seismic shift in the ransomware threat, expanding from a few actors pulling off limited, small-dollar heists targeting consumers to industrial-scale, big-money attacks on all sizes and manner of organizations, including major enterprises. The threat index shows cybercriminals rushing to take advantage of this opportunity,” he said.

Infoblox said its index was at an all-time high last quarter, going from 128 in the fourth quarter of 2015, to 137. The index takes into account all forms of malicious Domain Name System (DNS) infrastructure.{ad}

The study found two other big changes. The first: Although Angler is still the most popular exploit kit, Neutrino is on the rise. Its use has grown 300 percent, according to Infoblox.

Additionally, the U.S. remains the top host of malicious domains, but it dropped in the last quarter relative to a few other countries.

“Cybercriminals are as likely as anyone else to take advantage of sophisticated infrastructure, and all of the countries in this quarter’s list fit that description,” said Lars Harvey, vice president of security strategy at Infoblox. “But the geographic spread shows that much like cockroaches that scurry from the light, cybercriminals are quick to shift to a more advantageous location as needed.”

Leave a comment

Your email address will not be published. Required fields are marked *

The ID is: 51369