A new piece of research has found that approaching half of all businesses have been hit by aransomware attack over the last year.
The study from Malwarebytes questioned over 500 IT leaders from companies across the UK and Germany, as well as Canada and the US, and found that almost 40% said they’d experienced a ransomware attack during the past year.
That’s a pretty staggering figure which shows the amount of cybercriminals now wanting to target companies for online extortion – because obviously enough, demands can be higher when made to a business (particularly a large one) as opposed to an individual user.
Of those organisations which were victimised, over 40% ended up paying the ransom. The typical demand was over $1,000 (around £750, AU$1,320) in 60% of cases, but one in five demanded over $10,000 (around £7,500, AU$13,200) to unlock data.
Ground to a halt
Over a third of companies hit by ransomware said they lost revenue due to the incident, and 20% had their business stopped entirely for a time. Over 60% of incidents took longer than nine hours to deal with, Malwarebytes found.
As for how the attacks were delivered, the largest amount – 46% – were initiated via an email. No surprises there – although email was less prevalent as an attack vector in the UK, where it accounted for only 39% of attacks. In the US, it was responsible for 59%.
Nathan Scott, Senior Security Researcher at Malwarebytes , commented: “Over the last four years, ransomware has evolved into one of the biggest cyber security threats in the wild, with instances of ransomware in exploit kits increasing 259% in the last five months alone.”
As ever, staff members need to be educated on avoiding malware and have security policies to follow, but if your business is unfortunate enough to fall victim to a scam, check out our feature discussing whether or not you should ever pay up to ransomware criminals.