The cost of being ill-prepared for ransomware attacks continues to grow for businesses.
Ransomware, a scheme in which cybercriminals hold access to an organization’s digital information hostage until a ransom is paid, is one of the most significant cybercrimes.
Ransomware attack costs worldwide totaled $20 billion in 2021. The costs are expected to skyrocket tenfold to $265 billion by 2031.
What’s more, ransomware breaches continue to grow. Attacks increased 13 percent in 2021 – a spike that equals the total increase of the previous five years.
Small to medium businesses (SMBs) are not immune to ransomware attacks. More than 80% of ransomware attacks hit SMBs. Nearly 75% of those victims don’t survive the attack.
Only half of U.S. SMBs have a cybersecurity plan. About one-third of SMBs haven’t changed their cybersecurity plan since the COVID-19 pandemic caused them to create or bolster remote and hybrid work opportunities.
Here are our top 12 questions about ransomware attacks in 2022, with their answers:
- How common is ransomware?
- How does ransomware spread?
- How much is a ransomware demand?
- What is the average cost of a ransomware attack?
- What industries are affected most by ransomware attacks?
- How often is a company infected with ransomware?
- How many ransomware attacks are successful?
- What are ransomware groups?
- What is ransomware as a service?
- What is double extortion?
- Will cyber insurance prevent my organization from being attacked?
- How can one prevent ransomware?
1. How Common is Ransomware?
A new company was infected with ransomware every 14 seconds in 2019. Experts believe that the number is closer to 11 seconds in 2022.
The most common types of ransomware include:
2. How Does Ransomware Spread?
The most common way ransomware infects a business is through spam and phishing emails. Nearly two-thirds of infections came through this method in 2021. Other infections were caused by:
- A lack of cybersecurity training
- Weak passwords
- Lack of robust access management practices
- Poor user practices
- Malicious websites and ads
3. How Much Is a Ransomware Demand?
The average ransom demand was roughly $220,000 in 2021. This figure may seem high for SMBs, but it accounts for businesses of all sizes. SMBs pay an average ransom of $5,900. The highest ransom demand ever made was by REvil, which demanded $50 million from electronics manufacturer Acer.
4. What Is the Average Recovery Cost of a Ransomware Attack?
The average cost of getting through a ransomware attack decreased in 2021 from $1.85 million to $1.4 million. These estimates don’t include the ransom but account for:
- Lost opportunities
- Recovery expenses (e.g. forensic network analysis)
In its “The State of Ransomware 2022” report, Sophos attributed this decrease to two reasons:
- The rising prevalence of ransomware has made attacks less detrimental to an organization’s reputation
- Cyber insurance providers are growing in their ability to guide victims through the remediation process
5. What Industries Are Affected Most by Ransomware Attacks?
While no industry is immune from ransomware attacks, the industrial goods and services sector was hit more than any other in 2021. High-profile attacks, like the Colonial Pipeline attack in May 2021, garner high payouts. The outsized effect the industrial goods and services sector has on the economy makes ransom payments more likely.
Other industries topping the list include:
- Government organizations
- Professional services
6. How Often Are SMBs Infected With Ransomware?
More than half of all ransomware attacks in 2020 were on companies with fewer than 100 employees. About 75% of attacks were on businesses with revenue of less than $50 million. While large companies make headlines with big payouts, small businesses are easier targets with fewer cybersecurity defenses. Unfortunately, only 14% of SMBs have adequate cybersecurity defenses.
7. How Many Ransomware Attacks Are Successful?
Just over half of all ransomware attacks were successful in 2021. Almost all of these organizations got their data back. About 40% of attacks were stopped before data was encrypted.
Organizations need to act fast when an attack occurs. Nearly all ransomware infections happen in under four hours, with some software working in as little as 45 minutes.
8. What Are Ransomware Groups?
Ransomware is quickly developing into a professional industry, with most attacks coming from malicious groups. These groups – or ransomware gangs – often operate like legitimate businesses, with several employee positions, such as coders, research and development, and human resources.
Some of the largest ransomware groups are:
9. What Is Ransomware as a Service?
Ransomware as a service (RaaS) is a subscription-based service that allows affiliates access to ready-made ransomware tools made by developers. A successful ransom payment is split between the developer and the affiliate. Some affiliates earn up to 80% of a ransom payment.
RaaS has lowered the bar for entry, allowing even novice hackers to take on big targets. Even the price of the service is low, with kits starting at $40 per month.
10. What Is Double Extortion?
Companies without a backup are at the mercy of hackers. They must meet the hackers’ demands if they want their data back. Companies with backups can get their data back without paying ransom demands. Hackers have wised up to this. Many ransomware attacks now include a double threat of encrypting the data and threatening to leak data to competitors or sell it on the black market if ransom demands aren’t met.
Nearly 80% of attacks in 2021 included a data leak threat.
11. Will Cyber Insurance Prevent My Organization From Being Attacked?
Just like having health insurance won’t prevent you from getting sick, having cyber insurance won’t protect your organization from a ransomware attack. An organization is responsible for creating and maintaining its own cybersecurity defenses. In fact, many insurance companies won’t issue a policy if an organization hasn’t implemented adequate cybersecurity measures.
Cyber insurance is immeasurably helpful in walking organizations through recovery from an attack. In 2021, insurance companies paid for some or all costs of a ransomware breach in nearly every case where an organization had cyber insurance.
12. How Can One Prevent Ransomware?
Since any organization is at risk of a ransomware attack, it’s important to implement cybersecurity measures, including:
- Employee cybersecurity education
- Current antivirus and endpoint protection
- Strong password management
- Offsite backups
- Multi-factor authentication
Protect Your Organization From Becoming Another Ransomware Statistic
Protecting your organization from ransomware attacks isn’t easy. Omnis Technologies is available to help your business develop an attack prevention strategy.