While ransomware is not the only threat in the current security landscape, it remains a major presence. Though cryptomining has arguably overtaken ransomware in terms of attack frequency, as a report from Emsisoft shows, 2019 was very good for ransomware attackers. The report analyzed incidents in countries primarily located in North America, Europe, and Australia. Emsisoft relied on a ransomware incident reporting service called ID Ransomware to gather its data from.
Key takeaways from the report include statistics such as 33 percent of companies affected by ransomware paid the ransom. This should not come as a surprise as 2019 saw many incidents, including some reported here on TechGenix, where companies capitulated to ransomware attacker demands. The panic that sets in when a network is infected with a ransomware payload is a key component to cybercriminals getting their monetary reward. If a company is ill-equipped, whether in technology or policy, to handle ransomware attacks, paying may seem like the most logical option. (It shouldn’t be.)
Another statistic in the Emsisoft report worth discussing is what the company classifies as “Total cost: ransom demand costs+downtime costs” for the following nations: United States, United Kingdom, Germany, Canada, France, Australia, Spain, Italy, Austria, and New Zealand. The number, in U.S. dollars, is a staggering $169.7 billion, which is simply unfathomable in some ways. This number only proves how brazen ransomware attackers have become as there is still no universal deterrent employed against them. While there are absolutely steps to take to mitigate risk, a mixture of poor upper management and blatant stupidity of random employees makes ransomware as dangerous as ever.
In light of these statistics, it is vital that companies worldwide begin listening to cybersecurity professionals. Ransomware is only as powerful as one allows it to be, and it truly can be counteracted against. Though Emsisoft admits in its report’s conclusion that the data “is partly derived from third-party statistics which may be based on limited datasets and, consequently, the costs stated above may be significant over- or underestimates,” the danger is still readily apparent.
Featured image: Markus Spiske