Ransomware is a type of malware that stops users from accessing their data until a ransomware payment is arranged. The money is usually paid in cryptocurrencies to avoid any kind of detection. Ransomware criminals trick you into clicking on infected links. They usually do this by copying the general look of an email to mask their nefarious intentions.
This cybercrime has established a reputation as a high-yield revenue option, as you will soon see from our ransomware statistics. The truth is, however, that ransomware can only bring a large amount of money to individuals—it falls short with bigger hacker organizations. You will see in the text below how ransomware attacks have become less frequent, but at the same time, they’re becoming more and more targeted and sophisticated.
To minimize the risk of becoming a ransomware target, check out the best antivirus software to protect your data online!
Here’s your answer to the question, How much did ransomware make in 2018? This is a large sum, and as a 2018 study from Bromium suggests, cybercrime brings in more revenue than working in a legitimate company. This figure includes both of the types of ransomware, as in, encryption and screen-locking ransomware.
How much does ransomware cost? This is an incredibly high surge compared to 2016, when the annual cost of ransomware was estimated at $1 billion. It’s also important to mention that the money is only a part of what a company loses. The company’s reputation, the downtime, and other factors all amount to disastrous consequences behind these ransomware statistics.
Attackers have realized that businesses will bring them a higher revenue than an individual person. Even though the use of ransomware has decreased, the attacks are now more targeted manual attacks, according to a 2019 report on the state of malware from Malwarebytes.
This did not prove too effective, as most businesses seek help in vain. The amount of time businesses spend unable to access their data, as well as the costs of rebuilding, well surpass the ransom demand.
This mostly goes for small business ransomware attacks. The 2017 prices increased threefold when compared to 2016. Conversely, the average ransomware demand in 2018 is larger for enterprises.
Some individual new versions of file-encrypting ransomware require quite a bit more money than the yearly average, as stated in the McAfee ransomware report from December 2018. Past versions asked for $1,000.
So much for the efficacy of the legal system and their ability to make up for the companies’ losses caused by cybercrime. Most businesses need to understand that, when it comes to ransomware.
Bigger, better, and more sophisticated ransomware strains are popping up on a daily basis. Some of the most profitable ransomware families are SamSam, Crypt XXX, GandCab, and Locky. The ever-evolving ransomware industry is not easy to tackle, and cybersecurity companies are struggling to keep up against new advancements.
This figure covers the ransom demanded, along with the price of downtime, the network costs, and manpower. Assessing the ransomware losses for businesses requires a multifactor analysis—it’s never just the ransom itself.
According to a Datto report in 2018, one of the biggest problems is that most small to midsized businesses don’t bother to report this type of attack. This might be due to the low probability of getting their money back.
If you want to know how to report a ransomware attack to law enforcement, pay attention to the date of infection, the ransomware variant, how the infection occurred, and the actor’s cryptocurrency wallet address. It would also be useful to mention your business type, industry, and number of employees, along with your estimated overall losses.
This answers the question, How is ransomware delivered? Email is the preferred ransomware method with hackers all over the world to this day. It turns out that humans are once again the weak link criminals enjoy targeting.
A report that Cybersecurity Ventures released in 2019 shows the towering volume of cyberattacks companies have to face on a daily basis. In these rather bleak ransomware predictions, it’s clear the number of attacks is expected to grow.
A 2019 report from Singapore-based Cyber Risk Management (CyRiM) states that healthcare will be one of the most affected industries out there.
Hancock Health’s systems were infected by SamSam, the most successful ransomware in 2018. Despite having made backups, the prospect of spending days, even weeks fixing the damages this hospital ransomware caused was too much.
In 2018, the global spending on information security will see an increase of 12.4% from 2018. In 2019, the security market is estimated to grow by 8.7%.
Popular options like Avast Bitdefender and Avira can fend off most of the threats and still run in the background. Online encryption tools as well as a ransomware antivirus are a must, but they might not protect you completely. Click on No More Ransom if you want to check which ransomware you’re dealing with, and whether it’s a false alarm. You can go from there.
This just goes to show that run-of-the-mill endpoint security doesn’t do enough to protect businesses from the latest ransomware threat. The targeted, well-thought-out, and sophisticated attacks are often more difficult to fend off.
An IBM study suggests that most businesses are willing to pay up when under attack, especially when they store important, confidential data. The type of data that’s threatened can range from confidential customer data, financial records, business plans, and high-value intellectual property.
The number of reports of ransomware in India is increasing. India is one of the six countries in the world most targeted by ransomware. As we saw earlier, hospitals are also common targets.
As recent studies have shown, cryptocurrencies aren’t nearly as anonymous as they used to be. Obscuring your purchases or your transaction activities is becoming more and more difficult, especially with Bitcoin. More and more people are considering Monero or Zcash. But how does a ransomware attack work, then? Even with this high transparency, a significant percentage of cybercrimes manage to go unpunished.
This cryptocurrency trading platform was founded in 2011, and it was then seized by the US government in 2017. This stat covers the period from 2014 to 2017.
This latest ransomware attack locked the sheriff’s office and numerous agencies out of their systems. Right after paying the ransom, everyone successfully gained access to their data. The decision to pay up after this new ransomware attack in 2019 might be for fear of severe losses suffered by the city of Atlanta—proof once more that towns and cities are profitable targets.
In March 2018, the SamSam ransomware attacked Atlanta’s infrastructure. Many essential functions were affected, including citizens’ abilities to pay water bills and parking tickets. The money the attackers demanded was way above the average ransomware demand. The recovery costs, as you can see, exceeded the ransom by far. So, if you want a simple answer to the question, “Does paying ransomware work?” think about your priorities—public safety should be high up on the list, because paying the ransom only breeds more crime. Atlanta spent over $5 million on rebuilding their computer network and $3 million on crisis managers and emergency consultants.
The White House estimated the global damages. Once released, this malware raced through Ukraine and infected various machines all over the world. Various institutions were affected, from healthcare institutions in Pennsylvania to a chocolate factory in Tasmania.
It took the Ukrainian company around three months to fully restore itself after the file-scrambling mess that ravaged its networks. Ukrainian companies were among the first to state they were under attack and suffering the effects of ransomware.
The attack cost one of Europe’s most prolific building supply companies 1% of their first-half sales. In 2016, Saint-Gobain made €39.1 billion in sales, which means the company probably lost around €200 million in turnover in this global ransomware attack.
Millions of dollars are lost through technology cleanup, lost sales, and disrupted business. Merck CFO Robert Davis stated that NotPetya had “negatively impacted third-quarter results, including an unfavorable revenue impact of approximately $135 million from lost sales and approximately $175 million in costs, spread across the cost of goods sold and the operating expense lines.”
Taiwan Semiconductor Manufacturing Company (TSMC), an Apple iPhone supplier, was temporarily shut down in August of 2018 after the virus spread to 10,000 of their machines. This was one of the worst recent attacks.
Against the FBI’s advice, the school district decided to pay the ransomware attackers and got most of their computers back. The complete lack of offsite backup was one of the main reasons.
Out of 1,379 malware incidents, the above-mentioned percentage is the majority. A malware attack is still a popular way to dump ransom malware onto a target’s computer.
This is what we know from the most recent 2019 studies of ransomware attacks in the USA. Out of these infections, 59% of the ransomware was delivered via ph