Midmarket firms are getting hit hardest by ransomware. Data from 2017 shows that 29% of companies with 1,000 to 5,000 employees were struck by ransomware. If companies of that size, which presumably have the resources to guard against this scourge, are getting hit, then smaller firms' chances of avoiding it do not look good. The data also showed that manufacturing, technology, and consumer-focused industries experienced the most ransomware attacks.
Here are some other key data points:
- Average downtime is 14 hours
- Mid-size organizations suffered the most downtime
- The more critical the data held ransom, the more likely ransom is to be paid
- 97% report that ransomware encryption attacked MS Office files that are critical, sensitive, and proprietary
- Most organizations don’t pay the ransom
- Ransoms ranged from $500 to $1,000,000
- Ransoms paid in Bitcoin were typically $500 to $11,000
- 61% recovered servers from backups
- 35% recovered workstations from backups
- Adding awareness training decreases malware infections by 37%. Sending phishing tests via email lets you monitor your users, see what they click on, and provide additional training if required.
Here are some useful links for you and your end-user community:
- Written tips and a three-minute tips video for your users – Educate your users – Don’t let them be tricked into downloading ransomware/malware
- Should you buy cyber insurance?
- I Am a Non-Technical Executive… What Seven Things Should I Be Asking My IT Guys About IT Security?
- Ransomware Protection Manual
Contact me if you want to know how you can provide your users with security training. Contact Info: Oli Thordarson at (949)428-5005 or Toli@alvaka.net
*Statistical data shown above is from KnowBe4. You can download the full report here – The 2018 Threat Impact and Endpoint Protection Report