Nearly 40% of firms have suffered a ransomware attack over the past year, according to new global research from Malwarebytes.
The security vendor polled over 500 IT leaders from the UK, Canada, US and Germany to better understand the extent of the ransomware epidemic sweeping the world.
The resulting State of Ransomware report revealed the major impact this insidious class of malware is having on organizations.
First there’s monetary loss – with over 40% paying the ransom, which in 60% of cases was over $1000.
Then there’s business downtime: over 60% of attacks took more than nine hours to remediate, 63% of firms spent over a day trying to fix endpoints, and 20% of organizations had to stop operations completely.
There are even more serious implications for some organizations – especially in the healthcare space. Some 3.5% of respondents claimed lives were at stake due to the impact of an attack on IT systems.
The UK did not fare well in the report, with British organizations losing the most money to ransomware. There were also more UK firms than any other where ransomware encrypted every single device on the corporate network, according to Malwarebytes.
In the face of this onslaught, the smart money should be on improving user training so employees can spot a suspicious email and know not to click any links or open attachments.
However, UK IT bosses were least likely to put training schemes in place, the report found.
Malwarebytes claimed that 78% of all ransomware affecting respondents’ organizations came through the endpoint, but part of the challenge facing firms is that cyber-criminals are also targeting the network and servers, rendering a strategy based solely on securing the gateway and endpoint ineffective.
Malwarebytes technical staff were unavailable at the time of writing, but a spokesman for the firm told Infosecurity: "A layered approach is always going to be the best way of addressing any threat that uses multiple attack vectors."
It’s widely acknowledged that preventative steps should extend to regular back-ups of data along the 3-2-1 method: at least three copies, in two different formats, with one copy offsite.