Australia second most affected country in the world for exploit kit ransomware as Angler Exploit Kit targets local businesses and consumers
SYDNEY, 12 July 2016 – Trend Micro found that Australia has been one of the primary targets for a major exploit kit ransomware infection over the past two months, with more than 224, 000 ransomware attacks in the April/May period. Of these attacks, more than 213, 000 have been as a result of the Angler Exploit Kit.
The high volume of exploit kit ransomware attacks in Australia, second only to Japan in the same period, is due to a ransomware infection vector move toward URL and Exploit Kits.
Around the world, more than 66 million ransomware-related threats have been detected/blocked by Trend Micro from January to May of this year, with almost 700,000 of those in Australia and more than 19,000 in New Zealand.
“With the growing threat of ransomware attacks specifically aimed at Australian organisations, we recommend that enterprises and small businesses are more vigilant than ever,” said Indi Siriniwasa, enterprise sales and channel director for Trend Micro Australia and New Zealand. “The new ransomware families have sophisticated delivery and evasion techniques such as self-destructing after they successfully complete their routine. The best way to defend against this sophistication is to use a multilayered security approach.”
“Australia has really been targeted by cybercriminals with this Angler Exploit Kit and it is Australian consumers that will suffer,” said Tim Falinski, consumer director, Trend Micro Australia and New Zealand. “Consumers should make themselves aware of the threats and ensure all their devices – from smartphones to PCs to connected smart devices – are protected.”
64% of ransomware threats were seen at the email layer. This is due to ransomware being largely distributed via spam, either as a macro or JavaScript attachment, or via a clickable link in the message body.
34% of ransomware-related threats are blocked in the URL layer. These URLs are usually compromised sites, malvertisements, or landing pages that host exploit kits leading to ransomware. A very small percentage (2%) of ransomware-related threats are ransomware detections blocked at the file layer.
From January to May 2016, Trend Micro has so far seen 50 new ransomware families. Of these, 19 ransomware families arrived via spam, while six of these new ransomware families arrived via exploit kits. All of these new families still encrypt files and drop ransom notes.
About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organisations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defence techniques optimised for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 65 countries, Trend Micro enables organisations to simplify and secure their connected world. www.trendmicro.com