Ransomware is on the rise and the enterprise is feeling the pressure — with almost 40 percent of businesses experiencing a ransomware attack last year alone.
A new study conducted by Malwarebytes suggests that 34 percent of businesses lose revenue because of such attacks, and 20 percent have had to stop operations completely in the aftermath of a successful data breach.
The cybersecurity firm released the report, titled ” State of Ransomware,” on Wednesday, which explored how ransomware is spreading. This particular breed of malware, once downloaded and executed on a compromised system, encrypts or locks files away before demanding payment in return for a key which will decrypt system files and return the PC to normal.
However, paying the fine does not guarantee that the keys will work — or even that they exist.
The research surveyed 540 CIOs, CISOs and IT Directors from companies with an average of 5,400 staff across the US, Canada, the UK and Germany.
While this is a small subset of large companies which could represent a larger whole, there may be bias as these firms were among those willing to admit to experiencing a ransomware attack, and that behavior may not be the case across the board. However, the respondents did reveal some interesting trends.
In total, 78 percent of all ransomware used to target enterprise players have come through an endpoint, while 46 percent originated from email services — such as through phishing campaigns.
Cyberattackers have also realized just how lucrative a successful attack can be. We hear of hospitals and colleges giving in to demands for payment as the cost of keeping operations closed is far higher, and many large firms are also paying up.
Malwarebytes says that nearly 60 percent of all ransomware attacks in the enterprise demanded over $1,000, and over 20 percent of attacks asked for over $10,000. A small set of ransomware operators even asked for over $150,000 to release files.
When given these demands for payment, over 40 percent of enterprise players bit the bullet and paid up.
“Over the last four years, ransomware has evolved into one of the biggest cyber security threats in the wild, with instances of ransomware in exploit kits increasing 259 percent in the last five months alone. The impact on businesses around the world has been significant,” said Nathan Scott, Technical Project Manager at Malwarebytes.
“Until now, very few studies have examined the current prevalence and ramifications of actual ransomware incidents in the enterprise,” Scott added.
The Malwarebytes teams’ research also found that healthcare and finance were the top industries for threat actors to target using ransomware — and crucially, 3.5 percent of victims said that “lives were at stake” when ransomware barred access to core services.
In addition, it takes an average of nine hours for companies to reboot systems after a successful ransomware attack, and 63 percent would spend more than a full business day trying to patch up systems and fix vulnerable endpoints.
“The results from this survey further emphasize that any business in any region is incredibly vulnerable to ransomware,” said Marcin Kleczynski, CEO of Malwarebytes.
“Cybercriminals are increasing their use of ransomware in their attack strategies globally, causing business disruption, loss of files and wasted IT man-hours. In order to stay safe, businesses must invest heavily in both employee education and technology. We are thrilled to be able to give companies a solution that can thoroughly protect them against known and unknown ransomware threats.”
In related news, Malwarebytes also took the opportunity to announce fresh anti-ransomware additions to Malwarebytes Endpoint Security (MBES) to help companies detect and block ransomware.