LOFFLER The State of Ransomware Today User Guide

LOFFLER The State of Ransomware Today

Product Information

The product is a comprehensive solution designed to protect organizations from ransomware attacks. It provides valuable information about the state of ransomware, its impact on businesses, and key statistics related to ransomware attacks. The product also highlights different types of ransomware and discusses the risks associated with paying the ransom.

The State of Ransomware Today

Ransomware has become alarmingly commonplace in recent years, with weekly activity continuing to grow. Hackers are becoming more demanding, and the ease of obtaining and deploying ransomware software has increased due to the growth in computing power. Large criminal organizations even sell Ransomware- as-a-Service software, enabling unskilled hackers to carry out attacks. Ransomware can result in business disruptions, network downtime, financial losses, and damage to an organization’s reputation and customer trust.

10 Key Ransomware Statistics:

1. Ransomware cost the world $20 billion in 2021 and is expected to rise to $265 billion by 2031.
2. In 2021, 37% of all organizations were affected by ransomware.
3. The average cost to recover from a ransomware attack in 2021 was $1.85 million.
4. IT teams are facing a 64% year-over-year increase in ransomware threats.
5. The majority of ransomware attacks are caused by phishing emails.
6. The average ransom fee has increased from $5,000 to around $200,000.
7. The average downtime after a ransomware attack is 21 days.
8. Ransomware attacks were responsible for almost 50% of all healthcare data breaches in 2020.
9. Around 66% of universities lack basic email security configurations.
10. In 2021, the average payout by a mid-sized organization was $170,404.

Types of Ransomware:

• Crypto Ransomware: This type of ransomware encrypts files on a computer, making them inaccessible without a decryption key. Hackers demand a ransom payment in exchange for the key. It generally affects only data files on the encrypted machine.
• Locker Ransomware: This type of ransomware locks the victim out of their entire system, preventing access to any files or applications.
• Double Extortion Ransomware: This type of ransomware encrypts and exports victims’ data to use as blackmail. Attackers threaten to publish stolen data if the ransom isn’t paid, even if the victim can recover using backups.

Product Usage Instructions

1. Install the product on all systems within your organization that need protection against ransomware attacks.
2. Familiarize yourself with the information provided about the state of ransomware and its impact on businesses.
3. Review the key ransomware statistics to understand the current landscape and potential risks.
4. Learn about the different types of ransomware, including crypto-ransomware, locker ransomware, and double extortion ransomware.
5. Implement best practices to protect your organization from ransomware attacks, such as:
6. Regularly backup important data and store it securely.
7. Educate employees about phishing emails and other common attack vectors.
8. Keep all software and systems up to date with the latest security patches.
9. Implement strong access controls and user authentication measures.
10. Consider using additional security solutions, such as antivirus software and intrusion detection systems.
11. Be aware of the risks associated with paying the ransom. Understand that there are no guarantees of receiving all your data back, and hackers may still have copies of your data even if you pay.
12. Develop an incident response plan to effectively handle a ransomware attack, including investigation, remediation, and recovery processes.
13. Regularly review and update your organization’s security practices to adapt to evolving ransomware threats.

WHAT IS RANSOMWARE?

• Ransomware is malicious software that infects computers and restricts access to files and data until a ransom is paid.
• Ransomware can affect individuals and organizations of any size. As an equal opportunity threat, ransomware impacts SMBs just as much as large organizations.
• Attackers often deploy ransomware after a successful phishing or credential harvesting attack, or through driveby downloads.
• Ransomware is designed to encrypt or lock access to files, thereby preventing access to critical business systems.
• As a result, organizations can face days of network downtime and quickly lose the trust of their customers. It’s a growing threat that inflicts significant damage to individuals, businesses, educational institutions and government organizations across the world.

THE IMPACT OF RANSOMWARE

• Ransomware has become alarmingly commonplace in recent years. Weekly ransomware activity continues to grow each year and criminals are becoming more demanding in their ransom demands.
• The compounding growth in computing power also makes it easier for hackers to obtain and deploy ransomware software through the dark web. Large criminal organizations even sell Ransomware-as-a-Service software via the dark web, enabling unskilled hackers to successfully carry out an attack.
• Business disruptions and network downtime can cost organizations millions if hit with ransomware. Downtime and lost productivity are major drivers of ransomwarerelated costs along with response, remediation and recovery costs.
• Ransomware can also have an enormous negative impact on your organization’s reputation and customer trust. This can tarnish current customer relationships and impact future sales for years following an attack.

10 KEY RANSOMWARE STATISTICS

1. Ransomware cost the world $20 billion in 2021. That number is expected to rise to $265 billion by 2031.
2. In 2021, 37% of all organizations were affected by ransomware.
3. On average, it cost $1.85 million to recover from a ransomware attack in 2021.
4. IT teams are facing a 64% year-over-year increase in ransomware threats.
5. The majority of ransomware attacks are caused by phishing emails.
6. The average ransom fee has increased from$5,000 to around $200,000.
7. The average downtime after a ransomware attack is 21 days.
8. Ransomware attacks were responsible for almost 50% of all healthcare data breaches in 2020.
9. Around 66% of universities lack basic email security configurations.
10. In 2021, the average payout by a mid-sized organization was $170,404.

TYPES OF RANSOMWARE

• Crypto Ransomware
  This type of ransomware encrypts files on a computer making them inaccessible without a decryption key. Once encrypted, hackers demand a ransom payment in exchange for the key. This type of ransomware generally affects only data files on the encrypted machine.

• Locker Ransomware
  Unlike crypto ransomware, this type affects the machines directly by making them unusable. Once payment is received, the hackers will – in theory – unlock the impacted machines. This is an older type of ransomware that is still seen at times.

• Double Extortion Ransomware
  This type of ransomware encrypts and exports victims’ data to use as blackmail. Attackers will threaten to publish stolen data if the ransom isn’t paid. This means that if a victim is able to recover using backups, the criminals still have leverage.

PAY THE RANSOM?

Falling victim to a ransomware attack is a worst-case scenario. You’re most likely looking at high costs whether you choose to pay or not. Investigation, remediation and recovery costs add up quickly.
So, why not pay the ransom?

No Guarantees
Paying cybercriminals for the safe return of your data is a risky venture. There’s no contract in place ensuring you receive everything back. Plus, hackers can easily make copies of your data to sell. Various sources estimate that 65-85% of data is recovered when the ransom is paid.

Fueling the Machine
In many cases, it may be easier and cheaper to take the risk and pay the ransom, although paying only supports the ransomware business model and puts every organization that uses technology at risk. This leads business leaders to a moral dilemma.

What’s the Right Move?
Law enforcement agencies advise not paying because doing so encourages future ransomware activity. Paying can also be illegal due to funding criminal endeavors.
It’s recommended to engage with an incident response team, your cyber- insurance company, law enforcement and other regulatory entities before entertaining the idea of paying.

KEEP YOUR DATA SAFE

The truth is no organization is immune to cyber-attacks. The best way to protect your organization is to take a proactive approach to IT Security. Here are some steps to take to mitigate risk.

1. Multi-Factor Authentication (MFA)
   Implement Multi-Factor Authentication for all critical and public-facing systems.

2. Security Assessments & Vulnerabilty Scanning Perform an annual security assessment and an annual vulnerability scan to determine risks that are specific to your organization.

3. Create a Security Steering Committee
   Create a security steering committee to drive continous improvement. Use the data gathered from annual assessments to address any unique cybersecurity risks to your organization.

4. Maintain Full Data Backups
   Ensure backups are complete, perform test restores regularly and have an “air- gapped” and encrypted copy of the backups that cannot be deleted by an attacker.

5. Detect & Prevent Malicious Software
   Implement an Endpoint Detection & Response solution to protect your laptops, desktops and servers beyond what a traditional antivirus can achieve.

6. Educate End-Users
   Train employees on your organization’s cybersecurity policies, security best practices and email security, and test their knowledge with simulated phishing emails on a regular basis.

7. Create an Incident Response Plan
   An IR Plan acts as a playbook for your organization to follow in the event of a cyber attack or suspected compromise. Test and review your plan annually.

8. Manage Your Technology Lifecycle
   Manage the lifecycle of hardware and software to ensure you don’t have unsupported systems that introduce security risks.

9. Enable Centralized Logging & Alerting Enable centralized and managed logging analysis and alerting for all systems, software, cloud services and firewalls.

10. Create Clear Cybersecurity Policies Implement cybersecurity policies that employees will be able to understand and follow without causing end-user frustration.

Ready to Protect
Your Organization?
Get a Free IT
Security Health
Check Consultation

IT SECURITY RESOURCES

Downloads

• Cybersecurity Checklist
• Cybersecurity Risk Quiz

Videos

• How to Survive a Ransomware Attack
• Small Business Cybersecurity Tips
• What is a Security Score?
• 10 Ways to Improve Cybersecurity Insurability & Minimize Rates

Blogs

• The Real Cost of Network Downtime
• 8 Tips to Lower Cyber Insurance Rates
• 10 Questions to Assess if Your Cybersecurity Plan is Ready for an Attack
• How to Prevent Phishing Emails from Harming Your Workplace

www.loffler.com

References

• Home
• Global Ransomware Damage Costs Predicted To Exceed $265 Billion By 2031
• IT Health Check Consultation
• loffler.outgrow.us/cybersecurity-risk-quiz
• Cybereason: 80% of orgs that paid the ransom were hit again | VentureBeat
• 10 Ways to Improve Cybersecurity Insurability Webinar
• Is Your Cybersecurity Plan Ready for an Attack
• How to Prevent Phishing Emails from Harming Your Workplace
• 8 Tips to Lower Cyber Liability Insurance Rates
• No Cybersecurity Plan? The Real Cost of Network Downtime [Infographic]
• How to Survive a Ransomware Attack
• What is a Security Score and Why Do You Need One?
• Small Business Cybersecurity Tips

Read User Manual Online (PDF format)

Download This Manual (PDF format)

Download this manual  >>