As Ransomware Attacks Grow in Sophistication, Both Employees and Employers are Paying Ransoms in Record Numbers
Thursday, November 2nd, 2017
Intermedia, a leading cloud business applications provider, released Part 2 of its three-part 2017 Data Vulnerability Report, which examines the critical security behavioral habits of more than 1,000 office workers and provides guidance on how to handle them.
Ransomware attacks continue to grow exponentially
The threat of ransomware, when hackers infect devices with a virus and hold data hostage until a sum of money has been paid, is only getting worse. According to Cybersecurity Ventures, global ransomware damage costs are predicted to exceed $5 billion in 2017, which is up from $325 million in 2015. Our latest study shows that the average amount paid in ransom among office workers now stands at approximately $1,400.
Even with the increased publicity and impact of global ransomware attacks like WannaCry and Petya, and emerging strains such as Bad Rabbit, awareness still lags behind. About one-third (31%) of office workers admit they aren't familiar with ransomware. This is not for lack of effort among companies though, with 70% of office workers saying their organization regularly communicates about cyber threats and nearly one-third (30%) saying their organization specifically highlighted the WannaCry ransomware attack as an example.
Employees actions may be contributing to ransomware spike
While education helps with confidence in detecting ransomware, employees aren't always instructed on what to do if they are a victim. As a result, employees hit by ransomware may take actions that could dramatically undermine their organizations' security efforts -- and damage their bottom line. Intermedia's report found that:
Employees shoulder costs of ransomware payments more often than employers: Of the office workers that have fallen victim to a ransomware attack at work, the majority (59%) paid the ransom personally, and 37% said their employers paid1, demonstrating employees and employers alike don't feel like there is an alternative to paying the ransom
For those whose organizations highlighted WannaCry specifically and have been hit by ransomware, surprisingly 69% still paid a ransom themselves, further highlighting that most office workers don't know what to do if they are hit
No one is immune from a ransomware attack:
More than 73% of impacted Millennial workers affected by ransomware, often viewed as the most computer-savvy group of employees, report paying a work-related ransom
68% of impacted owners / executive management said they personally paid a work-related ransom
"Our latest report shows that, even in the face of increasing attacks, there are large gaps in overall awareness of how to handle a ransomware strike," said Jonathan Levine, CTO at Intermedia. "Employees are willing to go to great lengths to try to get data back, including paying ransoms out of their own pockets, even though 19% of the time the data isn't released even after the ransom is paid. Organizations need to focus education efforts not just on what ransomware is, but what steps employees should take if they are impacted. Regular communication is especially important right now with new malware strains like Bad Rabbit posing as seemingly harmless Adobe Flash updates. There are steps that can be taken to not only prevent these attacks from happening, but also, should one occur, to get the data back without paying the ransom. Simply put, the growth in ransomware attacks is fueled by the people and organizations willing to pay a ransom."
SMBs are particularly vulnerable to ransomware attacks
"As ransomware continues to evolve and become more advanced, organizations of all sizes and types must acknowledge it as a very real threat," Levine continued. "This is especially true for SMBs that may not have the resources, tools or training that larger organizations use to recognize, prevent and protect themselves from such attacks. Ransomware can infiltrate and shut down an entire business through just one infected computer. More often than not, SMBs feel they are forced to pay a ransom they can't, but must, afford. And hackers realize this."
What organizations should do, in light of these findings
As Intermedia's report suggests, much of the pain and agony ransomware inflicts can be prevented. Even once the initial damage is done, educated employees can still help to contain the infection by closing their computer to get it off the network. Employees need to know about the dangers of dealing with cybercriminals directly. Organizations cannot let shame or lack of knowledge drive their employees to feel like paying a ransom themselves is even an option. Simultaneously, organizations should have a continuous backup product. This will reduce the file restoration process down to minutes. Productivity won't be held at a standstill, and businesses won't need to pay the ransom in the first place.
Part 2 of Intermedia's 2017 Data Vulnerability Report provides additional eye-opening insights into the reality of how office workers handle ransomware attacks and the impact on their organizations. The report includes tips and advice for companies on how to prevent a ransomware attack as well as a step-by-step guide on how to recover should you fall victim…without paying the ransom.