Loffler The State Of Ransomware Today User Guide

The State of Ransomware Today

Product Information:

The product is a comprehensive solution designed to protect
organizations from ransomware attacks. It provides valuable
information about the state of ransomware, its impact on
businesses, and key statistics related to ransomware attacks. The
product also highlights different types of ransomware and discusses
the risks associated with paying the ransom.

The State of Ransomware Today:

Ransomware has become alarmingly commonplace in recent years,
with weekly activity continuing to grow. Hackers are becoming more
demanding, and the ease of obtaining and deploying ransomware
software has increased due to the growth in computing power. Large
criminal organizations even sell Ransomware-as-a-Service software,
enabling unskilled hackers to carry out attacks. Ransomware can
result in business disruptions, network downtime, financial losses,
and damage to an organization’s reputation and customer trust.

10 Key Ransomware Statistics:

  1. Ransomware cost the world $20 billion in 2021 and is expected
    to rise to $265 billion by 2031.
  2. In 2021, 37% of all organizations were affected by
    ransomware.
  3. The average cost to recover from a ransomware attack in 2021
    was $1.85 million.
  4. IT teams are facing a 64% year-over-year increase in ransomware
    threats.
  5. The majority of ransomware attacks are caused by phishing
    emails.
  6. The average ransom fee has increased from $5,000 to around
    $200,000.
  7. The average downtime after a ransomware attack is 21 days.
  8. Ransomware attacks were responsible for almost 50% of all
    healthcare data breaches in 2020.
  9. Around 66% of universities lack basic email security
    configurations.
  10. In 2021, the average payout by a mid-sized organization was
    $170,404.

Types of Ransomware:

  • Crypto Ransomware: This type of ransomware
    encrypts files on a computer, making them inaccessible without a
    decryption key. Hackers demand a ransom payment in exchange for the
    key. It generally affects only data files on the encrypted
    machine.
  • Locker Ransomware: This type of ransomware
    locks the victim out of their entire system, preventing access to
    any files or applications.
  • Double Extortion Ransomware: This type of
    ransomware encrypts and exports victims’ data to use as blackmail.
    Attackers threaten to publish stolen data if the ransom isn’t paid,
    even if the victim can recover using backups.

Product Usage Instructions:

1. Install the product on all systems within your organization
that need protection against ransomware attacks.

2. Familiarize yourself with the information provided about the
state of ransomware and its impact on businesses.

3. Review the key ransomware statistics to understand the
current landscape and potential risks.

4. Learn about the different types of ransomware, including
crypto ransomware, locker ransomware, and double extortion
ransomware.

5. Implement best practices to protect your organization from
ransomware attacks, such as:

  • Regularly backup important data and store it securely.
  • Educate employees about phishing emails and other common attack
    vectors.
  • Keep all software and systems up to date with the latest
    security patches.
  • Implement strong access controls and user authentication
    measures.
  • Consider using additional security solutions, such as antivirus
    software and intrusion detection systems.

6. Be aware of the risks associated with paying the ransom.
Understand that there are no guarantees of receiving all your data
back, and hackers may still have copies of your data even if you
pay.

7. Develop an incident response plan to effectively handle a
ransomware attack, including investigation, remediation, and
recovery processes.

8. Regularly review and update your organization’s security
practices to adapt to evolving ransomware threats.

THE STATE OF RANSOMWARE TODAY

WHAT IS RANSOMWARE?
Ransomware is malicious software that infects computers and restricts access to files and data until a ransom is paid. Ransomware can affect individuals and organizations of any size. As an equal opportunity threat, ransomware impacts SMBs just as much as large organizations. Attackers often deploy ransomware after a successful phishing or credential harvesting attack, or through drive-by downloads. Ransomware is designed to encrypt or lock access to files, thereby preventing access to critical business systems. As a result, organizations can face days of network downtime and quickly lose the trust of their customers. It’s a growing threat that inflicts significant damage to individuals, businesses, educational institutions and government organizations across the world.

www.loffler.com


THE IMPACT OF RANSOMWARE
Ransomware has become alarmingly commonplace in recent years. Weekly ransomware activity continues to grow each year, and criminals are becoming more demanding in the ransoms they seek.
The compounding growth in computing power also makes it easier for hackers to obtain and deploy ransomware software through the dark web. Large criminal organizations even sell Ransomware-as-a-Service software via the dark web, enabling unskilled hackers to successfully carry out an attack.
Business disruptions and network downtime can cost organizations millions if hit with ransomware. Downtime and lost productivity are major drivers of ransomware-related costs, along with response, remediation and recovery costs.
Ransomware can also have an enormous negative impact on your organization’s reputation and customer trust. This can tarnish current customer relationships and impact future sales for years following an attack.


10 KEY RANSOMWARE STATISTICS
1. Ransomware cost the world $20 billion in 2021. That number is expected to rise to $265 billion by 2031.
2. In 2021, 37% of all organizations were affected by ransomware.
3. On average, it cost $1.85 million to recover from a ransomware attack in 2021.
4. IT teams are facing a 64% year-over-year increase in ransomware threats.
5. The majority of ransomware attacks are caused by phishing emails.
6. The average ransom fee has increased from $5,000 to around $200,000.
7. The average downtime after a ransomware attack is 21 days.
8. Ransomware attacks were responsible for almost 50% of all healthcare data breaches in 2020.
9. Around 66% of universities lack basic email security configurations.
10. In 2021, the average payout by a mid-sized organization was $170,404.


Sources:
  • David Braue, “Global Ransomware Damage Costs Predicted to Exceed $265 Billion by 2031.” Cybercrime Magazine. Jun. 3, 2021.
  • “The State of Ransomware 2021.” Whitepaper. Sophos Ltd. April 2021.
  • “Cybereason: 80% of orgs that paid the ransom were hit again.” Venture Beat. June 16, 2021.

TYPES OF RANSOMWARE
Crypto Ransomware
This type of ransomware encrypts files on a computer making them inaccessible without a decryption key. Once encrypted, hackers demand a ransom payment in exchange for the key. This type of ransomware generally affects only data files on the encrypted machine.
Locker Ransomware
Unlike crypto ransomware, this type affects the machines directly by making them unusable. Once payment is received, the hackers will, in theory, unlock the impacted machines. This is an older type of ransomware that is still seen at times.
Double Extortion Ransomware
This type of ransomware encrypts and exports victims’ data to use as blackmail. Attackers will threaten to publish stolen data if the ransom isn’t paid. This means that if a victim is able to recover using backups, the criminals still have leverage.


PAY THE RANSOM?
Falling victim to a ransomware attack is a worst-case scenario. You’re most likely looking at high costs whether you choose to pay or not. Investigation, remediation and recovery costs add up quickly.
So, why not pay the ransom?
No Guarantees
Paying cybercriminals for the safe return of your data is a risky venture. There’s no contract in place ensuring you receive everything back. Plus, hackers can easily make copies of your data to sell. Various sources estimate that 65-85% of data is recovered when the ransom is paid.
Fueling the Machine
In many cases, it may be easier and cheaper to take the risk and pay the ransom, although paying only supports the ransomware business model and puts every organization that uses technology at risk. This leads business leaders to a moral dilemma.
What’s the Right Move?
Law enforcement agencies advise not paying because doing so encourages future ransomware activity. Paying can also be illegal due to funding criminal endeavors.

It’s recommended to engage with an incident response team, your cyber-insurance company, law enforcement and other regulatory entities before entertaining the idea of paying.


KEEP YOUR DATA SAFE
The truth is no organization is immune to cyber-attacks. The best way to protect your organization is to take a proactive approach to IT Security. Here are some steps to take to mitigate risk.

1. Multi-Factor Authentication (MFA)
Implement Multi-Factor Authentication for all critical and public-facing systems.
2. Security Assessments & Vulnerability Scanning
Perform an annual security assessment and an annual vulnerability scan to determine risks that are specific to your organization.
3. Create a Security Steering Committee
Create a security steering committee to drive continuous improvement. Use the data gathered from annual assessments to address any unique cybersecurity risks to your organization.
4. Maintain Full Data Backups
Ensure backups are complete, perform test restores regularly and have an “air-gapped” and encrypted copy of the backups that cannot be deleted by an attacker.
5. Detect & Prevent Malicious Software
Implement an Endpoint Detection & Response solution to protect your laptops, desktops and servers beyond what a traditional antivirus can achieve.


6. Educate End-Users
Train employees on your organization’s cybersecurity policies, security best practices and email security, and test their knowledge with simulated phishing emails on a regular basis.
7. Create an Incident Response Plan
An IR Plan acts as a playbook for your organization to follow in the event of a cyber attack or suspected compromise. Test and review your plan annually.
8. Manage Your Technology Lifecycle
Manage the lifecycle of hardware and software to ensure you don’t have unsupported systems that introduce security risks.
9. Enable Centralized Logging & Alerting
Enable centralized and managed logging analysis and alerting for all systems, software, cloud services and firewalls.
10. Create Clear Cybersecurity Policies
Implement cybersecurity policies that employees will be able to understand and follow without causing end-user frustration.


Ready to Protect Your Organization?
Get a Free IT Security Health Check Consultation


IT SECURITY RESOURCES
Downloads
  • Cybersecurity Checklist
  • Cybersecurity Risk Quiz
Videos
  • How to Survive a Ransomware Attack
  • Small Business Cybersecurity Tips
  • What is a Security Score?
  • 10 Ways to Improve Cybersecurity Insurability & Minimize Rates
Blogs
  • The Real Cost of Network Downtime
  • 8 Tips to Lower Cyber Insurance Rates
  • 10 Questions to Assess if Your Cybersecurity Plan is Ready for an Attack
  • How to Prevent Phishing Emails from Harming Your Workplace

