The report is located here http://www.cisco.com/c/dam/assets/offers/pdfs/cisco-asr-2016.pdf
in case you want to read it.
As the image conveys there are 9515 users paying ransomware every month.
which is $34 million in yearly income for the criminals from this single campaign.
As I have mentioned before
there are still large potential numbers of computers susceptible to this and similar attacks.
This Angler attack is just a small portion of the potential number of computers that can be attacked.
Interesting to note that 40% of the targets were compromised (this is higher than 10% of unpatched computers). Obviously this attack is more sophisticated than just attacking unpatched computers.
The difficulty for criminals is that the victim has to do the right sequence and commit acts that get them infected while also having the right environment to be infected correctly. And even then only 2.9% of ransoms were paid. But even though the potential criminal market may be in the billions of dollars a $34 million payout for a single criminal venture is not small change.
The Cisco report also highlighted a SSH Brute force attack which accounted for 35% of all Internet traffic at some point:
All this report proves to me is that the criminals are getting more sophisticated and coming up with more advanced attacks – your defense has to be more sophisticated just to keep up with this barrage.
Of course the report shows that with cisco’s help a major attack (SSH Phychos) was reduced to a trickle, compared to the major attack vector during its heyday.
Notice one thing … it took Cisco collaborating with Level3 (a network provider) a whole month before they cut the attack down to size.
A criminal can do quite a bit in a month… So I am afraid that we have only seen the beginning effect of this attack. Remember it takes months before most businesses understand that attacks were successful.
Contact Us to review your defense.