Ransomware – Increasingly Hitting Businesses
Ransomware hits both individuals and businesses, but businesses are being targeted more than ever, and end up paying significantly higher ransoms—often tens of thousands of dollars.
This week, Los Angeles Valley College disclosed that it paid $28,000 in ransom to hackers who had used malicious software to commandeer a number of their computer systems.
While ransomware has generally focused on individuals, we are now seeing a trend of more sophisticated attacks that are targeting businesses. This shift to corporations is not really a surprise. Business documents are much more valuable than personal documents, and companies can afford to pay higher ransoms than individuals. The average ransom for an individual is around $300 dollars—significantly lower than the $28,000 paid by Los Angeles Valley College.
Most Businesses Are Willing to Pay Ransom
IBM recently asked 600 U.S. business leaders what they would do if they faced a significant ransomware attack. It was surprising that a number of the companies had already experienced this situation. A full 70 percent of the businesses that had been ransomed had in fact paid the criminals in order to recover their data and systems. Around 50 percent of those that paid off their attackers had shelled out more than $10,000 dollars. Approximately 20 percent of them had paid more than $40,000 dollars. Other key takeaways from the study include:
- Half of the companies surveyed had experienced a ransomware attack
- Nearly 60 percent of the executives surveyed indicated they would pay a ransom to recover their systems and data
- Twenty-five percent of those surveyed said they would pay between $20,000 and $50,000 dollars
Ransomware Not Going Away Anytime Soon
Ransomware events quadrupled in 2016, with an average of 4,000 attacks occurring every day. More and more of them are targeting businesses. Unfortunately, we expect this trend to continue in 2017 and beyond.
Click here to learn more about Lastline’s protection from ransomware and other types of advanced malware.
Latest posts by Brian Laing (see all)
- Malware-as-a-Service: The 9-to-5 of Organized Cybercrime - March 8, 2018
- Malware Detection—Discovering Cross-Site Scripting Attacks - November 9, 2017
- NSS Labs Shows Lastline’s Exceptional Value for Breach Detection - November 1, 2017