Ransomware is making headlines in tech news, and not because of a big, splashy attack. It’s because a cascade of news around ransomware has been emerging and none of it is good for businesses. Ransomware has created an outsized presence for itself in the cybercrime ecosystem, keeping this menace at the forefront of IT leaders and business owners’ minds as they grapple with the question of how to keep their organizations safe on a budget in a quickly evolving and shadowy threat landscape.
The Prognosis Is Not Good
Is it any wonder that ransomware continues to dominate the security conversation? The specter of an attack is in every business’s peripheral vision regardless of their location or industry. Organizations located in Asia (33%) and North America (30%) and Europe (27%) were the hardest hit by ransomware attacks in 2020 and carry the most risk in 2021. Looking at this threat holistically by the numbers paints a chilling picture of danger for every organization. Ransomware attacks have continued to pound businesses, rising to heretofore unseen new heights in Q2 2021.
- Ransomware now accounts for 69% of all attacks involving malware
- That’s a 30% jump over the same quarter in 2020
- There was a massive 45% increase in ransomware attacks in April 2021 alone
- UK researchers noted that 22% of attacks in the first quarter of 2021 were ransomware
- 85% of ransomware attacks target Windows systems
Ransomware demands are on the rise as well. A report in Tripwire details new research showing that the average ransom paid by organizations has increased by 82% over the already huge demands logged in 2020. The average demand is now a record $570,000 (£414,000), compared with just $170,000 (£123,000) in 2020. A recent record-breaking ransomware demand against Acer reportedly hit $50 million
The ways that ransomware is delivered are also in flux. The vast majority of ransomware is still delivered through phishing messages, but not all of it – and that’s a challenge for IT staffers to negotiate when email volume is high and alerts are coming in fast and furious but the number of hands to do the extra work is low.
- Precisely targeted ransomware, typically delivered through spear phishing, has grown by 767%
- 48 % of infectious attachments that contain malware like ransomware are Office files
- 90 % of IT pros had clients that suffered ransomware attacks in the past year
- Businesses experienced a 64% increase in overall email threat volume in 2020
- An estimated 94 % of ransomware arrives at businesses via email
Ransomware Practitioners Are On The Hunt For New Data
No industry is safe from the ransomware surge, but a few have been getting hit harder than others. Booming dark web data markets have whetted cybercriminal hunger for data, leading to attacks on industries that tend to keep it. Cybercriminals can make handsome profits selling data in dark web data markets and industries may find themselves in cybercriminals’ sights because of the high desirability of their data. In 2020, ransomware attacks increased substantially against companies known to have deep databases and that trend continues.
- Attacks on government targets almost doubled from 12% in Q1 2021 to 20% in Q2 2021
- The manufacturing sector was nailed with a 25% increase in ransomware attacks
- The professional services sector clocked in at a 17% rise
- The banking industry experienced a 1,318% year-over-year increase in ransomware attacks
Attacks on retailers have also skyrocketed, accounting for 95% of all attacks using malware. Experts point to the fact that cyberattacks involving payment skimmers, a former cybercrime staple, have dramatically decreased in the face of improved security. However, previous ransomware attacks in this industry mostly targeted data like payment details, personal information, credit card numbers and other financial information. Nowadays, bad actors know that they can score a solid payday by encrypting systems and/or data, then settling in to wait for a juicy ransom. IBM noted in a recent blog post that cyberattacks against retailers increased by a massive 1280% from the beginning of 2020 to the end of the year.
More Money Equals More Problems For Businesses
That ransom could be especially lucrative if the cybercriminal actors are using popular double or triple extortion ransomware. Double extortion ransomware is a rising star as cybercriminals double down on their attacks to double their profits by requiring their victims to pay twice: once for the usual decryption code and a separate fee to not have the encrypted data copied by the gang. Practitioners of this tactic were responsible for more than 50% of all ransomware attacks in 2020. Adding one more step to the traditional double extortion dance, triple extortion ransomware not only requires companies to pay for a decryption key and the return of their uncopied data, but it also includes a payment to avoid another damaging effect like a DDoS attack or public embarrassment about the incident.
While cybercriminals are cleaning up in ransomware operations, businesses are paying the price and it is steep. Companies impacted by ransomware lose an estimated average of six working days, and 37% of them experience downtime of one week or more. Any organization that falls victim to ransomware is looking at big bills. The cost of a ransomware incident including investigation, remediation and recovery worldwide is expected to exceed $265 billion by 2031. That isn’t a bill that any organization can afford to pay. The exorbitant costs, lost revenue and reputation damage that a business suffers in the wake of a ransomware incident is too much for many businesses to survive – 60% of companies go out of business within 6 months after a cyberattack.
Paying the ransom isn’t going to get you off the hook either. Beyond the fact that it is illegal in the US and many other nations, Only a small percentage of companies that pay the extortionists the money that they demand will ever get their data back. In a 2020 study, only 66% of organizations that paid the ransom were able to recover any of their data and almost 35% of organizations that paid a ransom did not receive an encryption release or key. Paying off the criminals is not a smart tactic for future defense either, because it does not guarantee that those bad actors won’t leave a backdoor into your systems to allow themselves to make another visit. Almost 70% of companies that weathered a cyberattack were hit with another one within a year.
Thinking Outside The Box Improves Your Ransomware Defense
It’s clear that the same-old strategies and tools aren’t quite up to the challenge these days. Consider adding two new tools to your security arsenal to reduce business risk.
A cyber resilient organization is much more likely to stand strong in the face of rising threats from a variety of sources, including ransomware. In a cyber-resilient company, business operations don’t grind to a halt in the event of a cyberattack. That starts with creating and drilling a smart incident response plan. Over the past two years, only 39% of companies with a formal, tested incident response plan experienced a disruptive security incident, compared to 62% of companies with less formal or consistent plans.
Zero Trust is the path that the US federal government has chosen to fight back against ransomware in consultation with tech behemoths like Microsoft and IBM, implementing new rules requiring a zero-trust framework for federal agencies, contractors and suppliers. A cornerstone of zero-trust security is controlling access to critical systems and data, making sure that only those who really need to access those things can get to them. Forget about trusted users; everyone from an intern to the CEO has to prove their legitimacy every time they log in. That takes the power out of a filched password in a hurry.
Optistar Technology Consultants Can Help
Make sure that your business is taking a strong security posture against cybercrime threats like ransomware! Contact us today to learn more about the steps and solutions we recommend to reduce the security risks for your business. We will be glad to answer any questions you may have!