USA, Australia top two targets for ransomware in Q1, 2015

In Q1 6 per cent of detected ransomware infections were in Australia

The US and Australia were ranked first and second respectively for the highest number of ransomware detections in Q1 of 2015 according to a new report by Trend Micro.

The US recorded 34 per cent of ransomware infections while Australia was hit by 6 per cent of ransomware attacks.

Rounding out the top five most affected countries were Japan (6 per cent), Turkey (5 per cent) and Italy (5 per cent).

The total number of global ransomware infections in Q4 of 2014 was 16,433. In Q1 of 2015, this number reduced to 15,532.

Ransomware infections which hit consumers reduced from 72 per cent to 52 per cent during Q1.

However, the number of attacks targeting enterprises rose from 16 per cent last year to 28 per cent.

Attacks on small businesses also increased, from 6 per cent to 14 per cent.

Trend Micro threat response engineer Anthony Melgarejo said that crypto-ransomware provide a great means for cybercriminals to monetise attacks.

“The fact that ransomware can be easily turned into crypto-ransomware with the addition of crypto-libraries could have contributed to the threat’s growth. Crypto-algorithms are irreversible. Victims who don’t keep backups would then have no choice but to pay up to retrieve their important files,” he said.

Late last year, the Websense ThreatSeeker network detected 1.05 million instances of CryptoLocker globally, with 60 per cent of attacks detected in Australia.

Websense Australia and New Zealand engineering manager Bradley Anstis said Australia was being targeted because the attacks were financially successful.

“The low Australian dollar is not helping and there has also been an increase in attacks sent within country. If someone sends a cyber crime attack from within Australia, they are a lot more likely to be successful and trusted than from overseas,” he said.

For example, in 2013, 1.75 per cent of the attacks against Australian websites originated from within Australia. In 2014, 15.47 per cent of attacks were from within Australia, said Anstis.

An Australian Crime Commission report released today,Organised Crime in Australia 2015 (PDF)</i>, said that during 2014 TorrentLocker ransomware was distributed by spam emails targeting 13 countries.

A message delivered to Australian computers listed the ransom fee in Australian dollars and required the victim to purchase bitcoins from specified Australian bitcoin websites and send the payment to the bitcoin address provided.

As at December, it was estimated that TorrentLocker had infected more than 39,000 systems worldwide and that 570 of them (less than 2 per cent) had paid the ransom.

It is estimated that the total ransom money paid to the end of 2014 was between US$292,700 and US$585,401.5, states the report.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU, or take part in the Computerworld conversation on LinkedIn: Computerworld Australia

Join the TechWorld newsletter!

Error: Please check your email address.

Tags trend microransomwareransomware attacks

More about ACCAustralian Crime CommissionTrend MicroWebsense

Show Comments
[]