An international survey of 540 IT decision makers revealed that nearly 80% of them worked at organizations that suffered a cyberattack in the last year—and almost 40% of those organizations paid cybercriminals to get their data back.
The Osterman Research survey, which was released this week and titled “Understanding the depth of the Ransomware Problem in the United States,” included responses from IT decision makers at 540 organizations in the United States, Canada, Germany and the United Kingdom. The in-depth survey revealed some staggering—and depressing—statistics regarding the vulnerability of businesses to the ransomware epidemic. About 34% of the companies surveyed said they lost revenue as a result of a ransomware attack. Among the survey’s other key findings:
- Nearly 50% of all those surveyed were victims of ransomware.
- About 41% of U.S. businesses encountered between one and five ransomware attacks in the last year. Another 6% saw six or more attacks.
- Cybercriminals’ favorite targets for ransomware are healthcare and financial services firms.
The report also found that U.S. organizations have a relatively low level of confidence in their ability to stop ransomware. But U.S. organizations are also far less likely to pay the ransom than organizations in the other countries represented in the survey.
Data backup was cited as one of the most common ways to combat ransomware. According to the survey: “The availability of recent backups was cited frequently as the reason that the organization could opt for the decision not to pay the ransom.”
Here’s a list of the other top stories making the ransomware rounds this week:
Hackers steal $65 million worth of bitcoins
When cybercriminals attack your computer with ransomware, they usually ask for the ransom in the form of Bitcoin, the digital currency that’s extremely difficult to trace. And this week one of the world’s leading bitcoin exchanges, Bitfinex, was itself attacked by hackers who made off with 119,756 bitcoins worth about $65 million at the time of the theft, according to a report from CNN Money. Bitfinex, which is headquartered in Hong Kong, reported the theft to authorities and is working to determine which user accounts were hit. There have been no arrests so far.
Don’t get hooked: Email phishing attacks on the rise
Email phishing scams are often used by cybercriminals to spread ransomware and gain access to sensitive personal and business information—and phishing attacks are on the rise, according to a new report from Wombat Security Technologies. Wombat surveyed its database of IT security professionals and found that 85% of organizations were victims of phishing scams in 2015, a 13% increase over 2014. And 60% of respondents reported that the number of phishing attacks is up overall. The report also found that phishing emails disguised as legitimate work emails are by far the most effective when it comes to hooking victims. In one example, a simulated phishing email disguised as an “Urgent Email Password Change” request had a 28% click rate.
Ransomware: A proven business model for cybercriminals
Ransomware scams aren’t going away anytime soon, according to cybersecurity firm PhishMe, which released the results of its Q2 2016 malware review at this week’s Black Hat USA conference in Las Vegas. PhishMe reports that ransomware can now be found in about 50% of all malware configurations, and ransomware is regularly being included in exploit kits used by hackers to compromise network security. PhishMe went on to say that ransomware is now “firmly established as a business model which show no signs of diminishing.”