It’s official. Ransomware isn’t just one of the most common types of malware; it is the most prevalent malware used in cyberattacks, according to the 2018 Verizon Data Breach Investigations Report (DBIR). The report found that of the data breaches involving malware in 2017, 39 percent made use of ransomware, double the previous year’s figure.
These findings were made through an investigation of over 53,000 incidents and 2,200 breaches in 2017. Information about these incidents and breaches was contributed by 67 participating organizations from 65 countries.
Another disconcerting discovery concerns the nature of these attacks: cyberattacks aren’t just getting bigger, they’re getting bolder. Ransomware has increasingly targeted business-critical systems like databases and file servers, leading to higher ransom demands.
After analyzing the methods of these attacks, the report deduced that human error is a major weakness, given the number of employees falling victim to social engineering attacks. Companies are almost three times as likely to be breached as a result of a social engineering attack on their employees as from vulnerabilities in their systems.
What we can learn from this report
It’s easy to see why ransomware is an attractive option for cybercriminals; it comes with little risk, promises high returns, and can be used to target a wide range of devices. What’s most startling, however, is its sudden rise to fame.
As recently as 2014, ransomware ranked 22nd in the DBIR. In under four years, it’s catapulted to the top of the list. This quick rate of increase can probably be explained by the rise of ransomware as a service, which makes ransomware available off the shelf to even the least sophisticated cybercriminal.
The fact that the threat of ransomware has continued to grow unchecked highlights that organizations are still easy targets for such attacks, due to lax security practices and solutions.
What organizations need to do
Organizations need to take these findings seriously and put several security measures in place to protect themselves from ransomware. The first and most obvious step is creating an ongoing program to train employees about cybersecurity best practices. Other measures include clear network segmentation, privileged access management, and employing an efficient patch management framework. The FBI’s recommendations to limit data loss provide a complete set of guidelines on how organizations can prevent as well as recover from ransomware attacks. If they haven’t already, organizations should immediately get started on ensuring their employees are trained in detecting and avoiding social attacks, so they can rest assured that their network is secure from these types of threats.
Want to get started? Download our e-book that shows you how to protect your organization from ransomware using the FBI’s recommendations.