Over the years, we’ve seen ransomware continuously dominate the threat landscape. Its prevalence is largely attributed to the fact that malicious hackers find this to be a very lucrative revenue stream. 2014 saw exponential infections from ransomware, with families such as Ransom:JS/Krypterade, Win32/Crowti, Win32/Reveton, and Win32/Teerac garnering more than 4 million infections. The start of 2015 introduced new characters such as Win32/Tescrypt and Win32/Troldesh.
This ransomware employs creative methods to lure unsuspecting victims into clicking links or opening attachments in a spam email. We’ve seen some ransomware spread through emails that ride on current popular events to pique people’s curiosity, while others use scare tactics that make victims believe law enforcement agencies have detected illegal activities on their PC. Other methods of infection are stealthier: the ransomware is downloaded by other malware.
Current trends also indicate that ransomware is spreading to mobile devices; in recent news we’ve seen mobile ransomware spreading in the Android ecosystem. Although mobile ransomware hasn’t yet reached the sophistication and prevalence of the ransomware that affects PCs, mobile malware is something that the security industry is keeping track of. As the infrastructure for bring your own device (BYOD) setups in the workplace becomes more common, so too does the risk that an infection from an employee’s personal device can spread to the enterprise network.
If you’d like to learn more about how Microsoft Mobile Device Management (MDM) technologies can help prevent ransomware and other infections on employee BYODs, check out the latest Threat Intelligence Report from Microsoft’s Malware Protection Center.
J.C. Hornbeck | Solution Asset PM | Microsoft GBS Management and Security Division