Content, Americas, Breach, Security Program Controls/Technologies, Distributed Workforce, Ransomware

Ransomware Goes Mobile, Increasingly Targets U.S. Smartphones

Phone in the dark

Is it any surprise that mobile ransomware crooks are aiming at countries with developed financial and payment infrastructures? The reasons are simple, really: It’s where the money is--mature markets have more advanced and frequently used mobile and e-payment systems to contaminate.

As might be expected, the U.S. has the highest percentage of smartphone, tablet and other device users attacked by mobile ransomware (vs. other malware) followed by Canada, Germany and the U.K., according to a new Kaspersky Lab report.

It’s a list you obviously don’t want to be on. In the study’s measurement period--from April, 2016 to March, 2017--the proportion of U.S. mobile users victimized by mobile ransomware, as compared with other malware, rose to 19 percent from the prior period’s 15 percent.

By comparison, Canada’s slid about a percentage point to 19 percent; Germany’s fell to 15 percent from 23 percent; and, the U.K.’s dipped two percentage points to 13 percent. In effect, the U.S.’s position shifted from fourth to first as the other three countries' ransomware figures shrunk.

Kaspersky tied the climb in U.S. mobile ransomware attacks to the Svpeng and Fusob malware families. While Svpeng mainly targets America, Fusob initially focused on Germany. However, since Q1 2017, some 28 percent of Fusob's attacks have targeted the U.S.

“These geographical changes in the mobile ransomware landscape could be a sign of the trend to spread attacks to rich, unprepared, vulnerable or yet unreached regions,” said Roman Unuchek, a Kaspersky security expert.

Additional highlights (year-over-year comparisons):

  • The number of ransomware incidents spiked in Q1 2017, with 218,625 mobile trojan-ransomware installation packages, or 3.5 times greater than the prior quarter.
  • The percentage of ransomware victims year-over-year rose by 11.4 percent to 2,581,026 users worldwide.
  • The proportion of users encountering ransomware compared to the total number of users encountering malware fell from 4.34 percent to 3.88 percent as compared to the prior year.
  • The number of users attacked with cryptors nearly doubled to 1,152,299 year-over-year.
  • The number of users attacked with mobile ransomware fell by 4.62 percent to 130,232 from the year earlier period

You can read the full version of the document, entitled KSN Report: Ransomware in 2016-2017, here.

Meanwhile, a number of U.S. senators are reportedly trying to ban Kaspersky’s products from use by the military over fears the Moscow-based security developer could be influenced by the Russian government. Legislators have raised questions that Russia could use Kaspersky’s platform to launch cyber attacks against U.S. computer networks. That’s a particularly hot button right now considering the ongoing investigation into Russia’s alleged hacks aimed at disrupting the 2016 presidential election campaign.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.