We’ve all heard of computer viruses and malware, but cyberattacks are evolving. The FBI estimated that in the first quarter of last year, cybercriminals extorted $209 million from businessess. 2016 was the first year that bad guys stole over $1B from everyday people and businesses with ransomware, malwares’ gangster cousin. The amount collected doesn’t even come close the estimated costs for damages, recovery and downtime victimized businesses experience.
There’s mixed news, one the plus side, businesses that take security seriously are better off than ever before due to the improved quality of solutions and services that are available. On the negative side, the costs of not taking cybersecurity seriously are considerably steeper. Let’s take a look at some of the worst Ransomware statistics from last year.
1) It starts with email
Your inbox is one of the easiest and most vulnerable channels of attack. As a result, almost 60% of all infections come from email while less than 20% come from the web. IBM watched ransomware embedded in email grow by over 6,000%. Most people are privy to malicious email attachments diguised as innocent, everyday files, but links are trickier. Links that contain files can be embedded in images that look like anything else you’d click from a person you trust, and the next thing you know, your email account is hijacked. Spam contains ransomware more often than not, but telling Spam apart from a normal email isn’t obvious anymore.
2) Attacks accelerate outsourced IT
As businesses fall prey to increasingly sophisticated modes of attack, they become motivated to hire outside help. Over 92% of the IT firms surveyed last year had clients who were victims of cyberattacks. Malicious macros hidden within Microsoft Office Docs are the preferred attack vector. You get an email, click a link, a Word Doc downloads, you open it, and that’s all she wrote. The Office Doc method is so effective that ransomware doubled infection rates between Jan and Dec of 2016. And go figure, that figure is expected to double again this year.
3) Some targets are more valuable than others
While US law enforcement advises businesses against paying ransoms, often, it’s the path of least resistance. Over 70% of businesses cough up the dough. The more important digital operations and data are for a business, the more valuable it is for cybercriminals to gain access. They know that if downtime and recovery costs more than the ransom, businesses will answer quickly. Financial services and healthcare related businesses are prime targets because they have a perfect blend of mission critical data on vulnerable networks. Most ransoms are in the $10k range but 1 in 5 businesses pay over $40k – and that’s after a minimum of 2 days of downtime.
Outsource IT to Security Experts
If all this talk of ransomware makes you wonder, what can we do to prevent the worst consequences? There’s a million products and services available that claim to help, but really, you are better off talking to IT security experts like Platte River Networks. Dependable business continuity solutions, early detection, support and training are the remedy. We keep your best interests in mind at every step.