In 2016, ransomware attacks quadrupled in number over those in 2015. 2017 cybersecurity statistics for ransomware are projected to double again over the number of attacks in 2016. The threat from ransomware is not only growing, but developing to allow hackers to target susceptible organizations and their most valuable data files and alter ransom demands accordingly.
2017 Ransomware Statistics
As we look back at 2016, dubbed “The Year of Ransomware,” it has become clear that the threat of ransomware isn’t going away. The number of attacks quadrupled, ransoms demanded are increasing, and with every new payment to cybercriminals, new incentives are provided to evolve their technology and techniques. Below are some ransomware statistics from 2016.
- Nearly 50 percent of organizations were hit by ransomware in 2016. Look at the company across the street. One of you will be hit by ransomware in the next 12 months.
- $209 million – The number that was paid to ransomware cybercriminals in Q1 of 2016. By the end of 2016, cybercriminals were paid over $1 BILLION from ransomware alone.
- The average ransom demanded in 2016 was $679, almost three times more compared to the ransom demanded in 2015.
- The number of ransomware variants, or families, grew by 600%. Meaning, the number of ransomware threats (think: Cerber, Crypto, etc.) is six times higher than twelve months ago.
- Email is the #1 delivery method for ransomware. We have seen the amount and sophistication of phishing campaigns increase astronomically over the last year. Cybercriminals are posing as actual employees from your company or sending you fake invoices that look legitimate.
- Less than 50 percent of ransomware victims fully recover their data. Common reasons for incomplete backup recovery include unmonitored and failed backups, loss of accessible backup drives that were also encrypted, and loss of between 1-24 hours of input from the last incremental backup snapshot.
It’s predicted that 2017 ransomware statistics will show these numbers doubling over the next year. Do you think it’s wise to keep ransomware as an afterthought? Should you be worried about being hit by ransomware? The answer is clearly YES. Your company needs to be worried, and WatchPoint can help with CryptoStopper. Through the use of deception technology, CryptoStopper will keep your organization and your valuable data safe from being destroyed by the most prevalent cybersecurity threat: ransomware.
Most people think that having a proper antivirus and anti-malware program installed on workstations will prevent a ransomware attack. Like we mentioned before, cybercriminals are becoming more and more sophisticated with their attacks. Through phishing campaigns, the number one method of distribution for ransomware, employees of all kinds are being tricked into clicking on a malicious link or opening a file with malicious code embedded into it. Furthermore, organizations are particularly vulnerable to attacks during IT system freezes, at the end of financial quarters, and during busy shopping periods.
Whether you think your company is properly protected or not, we have a ransomware simulator to see whether your company is safe. PowerShell Encrypter/Decrypter, available through WatchPoint, simulates exactly what ransomware does, encrypt files. This is the only way to truly know if you are protected. WARNING: This tool encrypts files, if you are unfamiliar with PowerShell, DO NOT use this tool.
Chances are, your system is vulnerable to a ransomware attack. Take a deep breath; it’s going to be okay. We have a tool, TestCryptoStopper, which is a safe and easy way to test the effectiveness of CryptoStopper against a ransomware attack. With TestCryptoStopper, you will get a first-hand look at how quickly CryptoStopper isolates a ransomware attack. Click here to learn more about TestCryptoStopper and how to perform ransomware testing on your network today.
CryptoStopper by WatchPoint
How does CryptoStopper work? CryptoStopper uses deception technology in the form of watcher files placed on your important network shares. By continuously monitoring the watcher files for the encryption process to start, CryptoStopper will immediately identify a ransomware attack and will isolate the infected workstation immediately. The workstation will be shut down, and you will receive an email notification informing you that a ransomware attack has been discovered and contained.