India is among the top seven countries that are highly vulnerable to ransomware circulation as cyber attacks on Windows, Android, Linux and MacOS systems have increased this year globally, a new report has said.
“Ransomware has become platform-agnostic. Ransomware mostly targets Windows computers, but this year, SophosLabs saw an increased amount of crypto attacks on different devices and operating systems,” said Dorka Palotay, SophosLabs Security Researcher, in a statement on Saturday.
According to "SophosLabs 2018 Malware Forecast" by a global network and endpoint security leader Sophos, two types of Android attack methods are emerging -- locking the phone without encrypting data and locking the phone while encrypting the data.
WannaCrypt, unleashed in May 2017, was the top ransomware intercepted from customer computers, dethroning the long-time ransomware leader Cerber, which first appeared in early 2016. WannaCrypt accounted for 45.3 percent of all ransomware tracked through SophosLabs with Cerber accounting for 44.2 percent.
“For the first time, we saw ransomware with worm-like characteristics, which contributed to the rapid expansion of WannaCrypt. This ransomware took advantage of a known Windows vulnerability to infect and spread to computers, making it hard to control,” added Palotay.
Android ransomware is also attracting cybercriminals. According to SophosLabs analysis, the number of attacks on Sophos customers using Android devices increased almost every month in 2017.
One reason they believe ransomware on Android is taking off is that it's an easy way for cybercriminals to make money instead of stealing contacts and SMS, popping ups ads or bank phishing which requires sophisticated hacking techniques. "It's important to note that Android ransomware is mainly discovered in non-Google Play markets - another reason for users to be very cautious about where and what kinds of apps they download," the researchers noted.
Sophos recommends backing up phones on a regular schedule, similar to a computer, to preserve data and avoid paying a ransom just to regain access.