Major International Study Finds Nearly 40 Percent of Enterprises Hit By Ransomware in the Last Year

LONDON – August 3, 2016 – Malwarebytes™, the leading advanced malware prevention and remediation solution, released new findings today on the growing threat to companies from ransomware. The multi-country study surveyed 540 CIOs, CISOs and IT Directors from companies with an average of 5,400 staff across the U.S., Canada, U.K. and Germany and found that nearly 40 percent of businesses have experienced a ransomware attack in the last year. Of these victims, more than a third lost revenue and 20 percent had to stop business completely.

The report, entitled “State of Ransomware,” was sponsored by Malwarebytes and conducted by Osterman Research to explore ransomware attack frequency, how it works in an enterprise environment, ransom cost, infiltration points, impact, preparedness and more.

“Over the last four years, ransomware has evolved into one of the biggest cyber security threats in the wild, with instances of ransomware in exploit kits increasing 259 percent in the last five months alone. The impact on businesses around the world has been significant,” said Nathan Scott, Technical Project Manager at Malwarebytes and ransomware expert. “Until now, very few studies have examined the current prevalence and ramifications of actual ransomware incidents in the enterprise.”

Additional international findings include:

  • Nature of attacks: 78 percent of all ransomware was known to come through an endpoint, and nearly half of attacks (46 percent) originated from email.
  • Cost of attacks: Nearly 60 percent of all ransomware attacks in the enterprise demanded over $1,000. Over 20 percent of attacks asked for more than $10,000, 1 percent even asked for over $150,000
  • Many are paying the ransom: Globally, more than 40 percent of victims paid the ransom demands.
  • Significant time spent on remediation: More than 60 percent of attacks took more than 9 hours to remediate.
  • Attacks frequent in certain industries: Healthcare and financial services were the leading industries attacked with ransomware globally, both of which were targeted well above the average ransomware penetration rate of 39 percent.
  • Potential loss of life: Amazingly, 3.5% even said lives were at stake because of ransomware’s debilitating effects

Severe downtime: 63% spent more than an entire business day trying to fix endpoints

  • Switch from protection, to disaster planning: The most popular way of addressing the problem is not through protection, but by backing up data (over 71 percent).

The research painted a bleak picture for UK senior UK staff, with the country suffering the highest percentage of ransomware attacks out of all those asked.

Key U.K. findings include:

  • Highest number of attacks overall: Senior UK IT staff (54%) suffered the highest number of ransomware attacks despite seemingly being confident in their ability to stop it (87.2%)
  • UK CIOs, CISOs and IT Directors keenest to pay the ransom: Over half of UK CISOs (58.2%) paid the ransom, the second highest percentage of the international research base and 21x higher than their US counterparts
  • UK companies lose the most money to ransomware: The UK had the highest amount of revenue loss worldwide, with 60% saying the attack cost the company financially, nearly 10x more than US counterparts.
  • Senior UK IT staff unsure of the attack’s point of entry: Lowest per cent globally in terms of awareness of which device the ransomware entered the organization through, nearly a quarter (22%) had no idea whatsoever.
  • Damage in UK businesses is crippling: Worryingly, the UK had the highest % of ransomware encrypting every single device on the corporate network, with 9% of all organisations suffering total blackout through encryption. In the US and Germany, not a single person suffered from this problem.
  • No training in the UK: Despite all this, UK IT managers are least likely to put any kind of ransomware training in place.

To address this issue head on, Malwarebytes also announced today, new anti-ransomware additions to Malwarebytes Endpoint Security (MBES), an innovative platform that delivers powerful multi-layered defense for smart endpoint protection against malware, and now ransomware. Later this month, current and future users of the MBES platform will have access to signature-less behavioral monitoring technology that automatically detects and blocks both known and unknown ransomware, greatly reducing vulnerability to attacks.

“The results from this survey further emphasize that any business in any region is incredibly vulnerable to ransomware,” said Marcin Kleczynski, CEO of Malwarebytes. “Cybercriminals are increasing their use of ransomware in their attack strategies globally, causing business disruption, loss of files and wasted IT man-hours. In order to stay safe, businesses must invest heavily in both employee education and technology. We are thrilled to be able to give companies a solution that can thoroughly protect them against known and unknown ransomware threats.”