The financial impact of ransomware in 2020
Ransomware crops up as a subject here at Bytagig often, and that’s because of the serious threats it creates. With increased use by dangerous third parties, especially considering the COVID-19 pandemic, ransomware is a serious concern. For attackers, it’s low risk but high reward.
Like we discussed in our post about the University of Utah, even a less than one percent infection rate proves insanely profitable. It also demonstrates to hackers that a payout will occur. Part of this is because they threaten to publish stolen information if their demands aren’t met, and part is because of reputation. Other industries and companies see that attackers are serious, so they cave to threats with higher frequency.
And that’s why nearly half of cyber insurance claims were a direct result of ransomware, a study shows. For the first quarter of 2020 – as if the year wasn’t dreadful enough – insurance claims caused by ransomware came to 41 percent, as reported by Coalition. Coalition asserts that every industry they work with has seen a vicious increase in ransomware attacks.
Ransomware’s continued aggression
Coalition continued to expand on the exact numbers. In Q1 of 2020, ransomware attacks exploded by 260%. Ransom demands, in turn, increased by 47%. The attacks primarily targeted small to medium-sized businesses.
The attacks were conducted by various ransomware organizations. Among the most prolific, Coalition reports, were DoppelPaymer and Maze. Like other malicious parties, once they hijack sensitive data, they threaten to publish the data if their ransom isn’t paid.
Coalition expands on this by stating Maze had the most aggressive, greedy demands. In other words, it demanded ransoms six times higher than the typical average.
Other cyber problems
Even with the alarming surge in ransomware strikes, these weren’t the only recorded issues. Different cyber claims involved other attack types. Two of the more prolific ones were social engineering via business email compromise (BEC) and fund transfer attacks.
Both have grown sharply since last year, by 35% and 67% respectively.
Phishing and vishing (voice call phishing) were common methods used as part of email compromise attacks. On average per event, Coalition reported the financial damage totaled at least $1 million, if not more. Coalition adds that email suites like Microsoft’s Office 365 see the most BEC and related ransomware attacks.
Reducing the risk of ransomware intrusions
The numbers add up to some ugly figures and paint a dismal picture of the associated costs. And, once again, we need to assert that no one is safe. You’re not off the hook just because you’re a smaller business. In fact, SMBs should take extra care, because they lack the capital to recover from serious ransomware demands like the ones we’ve mentioned so far.
- Follow all CISA guidelines and keep up to date with ransomware attacks
- Have backup and disaster recovery (BDR) plans in place that account for ransomware
- Set up layered networks to mitigate damage in case of an intrusion
If you still need assistance, getting help from an MSP can be invaluable. Contact Bytagig today for additional information!