Recent Ransomware Study Breaks Down Trends

Malwarebytes recently sponsored a ransomware study, and you may be surprised by the results…

Malwarebytes surveyed 540 IT professionals regarding how ransomware has impacted their organizations.  The study goes into detail about how many ransomware attacks corporations experienced in the U.S., Canada, Germany and the U.K.  In each country, a percentage of businesses were attacked by ransomware 1-5 times.  Specifically, for those surveyed in the U.S. 41% reported experiencing 1-5 ransomware attacks, 18% in Germany, 42% in the U.K, and 27% in Canada.

The speculation behind the U.S. experiencing a higher number of attacks than that of Germany is due to the amount of the ransomware demand.  InfoWorld reported most ransoms demanded in the U.S. are around $500 USD.  However, in Germany the demands are far higher; roughly $10,000 per demand, to be exact.  So although their attacks are not as frequent, the financial magnitude is far higher than that of U.S. attacks.

The survey also found that only 3% of U.S. companies reported paying the ransom demand.  This is far lower than Canada, who reported paying the ransom 75% of the time.

If you ever find yourself the victim of a ransomware attack, we recommend you take the following five steps:

1. Do not pay the ransom – If you do, you’re just giving the hackers a reason to keep hacking.  Use your back up files to restore your systems.  Again, don’t pay!!
2. Inform the FBI – By informing the FBI they can investigate to potentially bring legal action against the hacker.  All cyber criminal activity should be reported to the federal IC3 agency.  You can file a complaint with them here.
3. Notify your current security software company – You also MUST inform your security software company.  If they didn’t know they missed a malicious attack, they cannot stop it in the future.  Also, many anti-virus software companies share their blacklist, or the list of known bad files.  So by sharing it with your software company, they then share it with others; saving thousands of people from falling victim to the same attack that just got you.
4. Educate yourselves and your employees – Many times we attend one training, or listen to one webinar and consider ourselves educated on the matter.  This cannot be further from the truth.  Continued education on current cyber security threats is imperative.  We recommend our friends at KnowBe4 for both personal and enterprise training on cyber security.  As always, all PC Matic home security subscribers are offered a free cyber security training through KnowBe4 as well.
5. Reevaluate your security software protection – If your security software failed you, perhaps you should look for an alternative security option.  The United States Computer Emergency Readiness Team (US-CERT) strongly advises using a whitelist security technology.  For personal uses, PC Matic home protection offers superior protection with advanced whitelisting technology.  For enterprise use, there is PC Matic Pro, which offers advanced security protection with proprietary whitelisting technology.