After Ransomware surpassed a record $1billion in payouts last year, ExtraHop, a cloud-native network detection and response (NDR) firm, has released its global ransomware trends report, a data-driven analysis of ransomware impacts across geographies, industries, and organisations of different sizes.
According to the latest research from ExtraHop, security leaders are increasingly targeted by ransomware actors, averaging nearly eight incidents per year and paying out an average of just under $2.5million in ransom payments.
US organisations are feeling the impact of ransomware the most, experiencing the highest number of incidents on average and paying out the largest ransoms (nearly $2million more than the global average). German respondents, on the other hand, experienced the fewest incidents.
Change Healthcare, the biggest health payment processing company in the US, paid a $22million ransom to ransomware group BlackCat earlier this year.
Despite stating ransomware isn’t its biggest risk, the government sector averaged more than eight attacks last year and had one of the largest average ransom payments of $3.8million. The government sector also noted the largest percentage of organisations paying over $25million in ransom payments.
The US, France, and Australia reported an average of more than nine events in the last year. In these regions, more than half of respondents expressed they experienced more than 10 incidents over the last 12 months. In comparison, the UK, the UAE, and Germany experienced the lowest average number of attacks (less than seven).
Largest firms hit the hardest
The larger the company, the more likely it was to experience a ransomware incident. Organisations with more than 5,000 employees were more likely to pay the ransom every time and, on average, paid more than $4million in ransom payments.
Mark Bowling, chief information security and risk officer at ExtraHop
“Ransomware is targeting some organisations more than others, but despite this notion, everyone needs to be prepared to curtail exposure to the risks and damage posed by an incident,” said Mark Bowling, chief information security and risk officer at ExtraHop. “As ransomware continues to find ways to bypass and evade existing security controls, we can anticipate that these statistics will only grow more dire.
“Amid high-profile political elections and a growing call for regulatory action across the globe, it is time that the cybersecurity industry comes together to develop and adopt a more resilient security framework that can identify a ransomware attack before it devastates entire organisations, industries, and even economies.”
Recognising the potential impact of ransomware attacks, ExtraHop has recommended a number of steps firms can take to better protect themselves. It suggests companies familiarise themselves with common ransomware attack techniques via the MITRE ATT&CK framework and the DFIR report. It also explains the importance of training employees to identify suspicious activities and how to safely connect devices to the network.
The post Firms Should Prepare and Protect Themselves as Ransomware Statistics ‘Grow More Dire’, Says ExtraHop appeared first on The Fintech Times.
