With the Wannacry attack, ransomware exploded in mainstream news, but most techies recognize that this is only the latest incident in a rising trend. Over the last several years, ransomware moved to the forefront of the information security profile. Moreover, as more people use technology, those data assets become more valuable. Locking an enterprise’s data means disrupting business (not in the positive sense though). With most businesses will seek to restore functionality as soon as possible, ransomware is more lucrative than ever.
Ransomware Attacks Are Rising
Although this seems obvious, the statistics underscoring the statement are frightening. According to the Federal Bureau of Investigation, on average more than 4,000 ransomware attacks have occurred daily since January 1, 2016. During 2015, that number was 1,000 attacks per day. This is a 300% increase in the number of attacks in just one year. If a number of ransomware attacks continue to grow at the same rate, that leads to at least 12,000 per day in 2017 alone.
Costs of Ransomware Attacks Are Rising
Hackers have learned that people love their information. Increased cloud storage use means that people put more information in potentially unprotected places. This makes holding that information hostage more lucrative. Annual costs of general cybercrime in the US in 2015 showed an annualized loss of $16.45 million to the technology sector. By 2016, most data breaches were in the medical and healthcare sector. Globally, ransomware attackers have increased their average per victim intake from $372 in 2014 to $679 in 2016. Extrapolating that information using the number of attacks in 2016 per day, this means that ransomware attackers are making approximately $2.716 million every day.
Costs of Liability for Ransomware Attacks are Rising
Lawsuits cost money. In 2014, New York and Presbyterian Hospital paid $3.3 million to settle a data breach violation. In 2015, Target paid $10 million to settle a data breach lawsuit. In 2016, Home Depot paid $19.5 million to settle a data breach settlement. According to legal experts SteinPag, “the rising numbers of attacks and the rising costs of the attacks are not just limited to reputation. Companies need to think about how their data breaches can lead to legal liability. Those legal liabilities will continue to increase as data becomes a currency and breach of that data causes more significant damages.”
Email Is the Leading Cause of Ransomware Attacks
Between 2016 and 2017, information regarding how ransomware attackers found the email to be the most significant entry point. Ransomware emails were up 6,000% during this time. 40 % of all spam had email ransomware. 59% of infections came from email. These numbers mean that the average user still doesn’t understand the dangers associated with phishing emails. Since attackers have had such great success with email, 2017 looks to see a rise in the use of email as an attack point.
The trends regarding ransomware are frightening. As the Wannacry incident shows, people are not prepared for a large-scale attack. Going forward, the number and size of these attacks will only increase making them something that should be a priority for all technology users.
