Let these numbers sink in: 304 million. That's the number of ransomware attacks worldwide in 2020. $20 billion. That's the estimated cost of those attacks.
And 65,000 of those attacks occurred in the United States—that's seven attacks an hour—according to an NPR article citing a Recorded Future statistic. The recent high-profile Colonial Pipeline attack that threatened gas shortages in the Southeast, along with an attack on meat processing company JBS, has thrown ransomware back into the headlines in recent weeks.
Ransomware is a form of malicious software an attacker uses to encrypt or destroy files, forcing victims to pay a ransom to regain access. Many of the current ransomware variants lock up networks and deny access to business-critical data.
"The prevalence and impact of ransomware on businesses are frightening," said Kris Jackson, enterprise cybersecurity architect at BOK Financial®. "And the leading cause is simple: phishing emails."
In 2020, 54% of the ransomware attacks were initiated by phishing emails, in which attackers send fraudulent messages to lure victims into revealing personal information, such as passwords or credit card numbers. Poor user practices and lack of cybersecurity training are the second and third most frequent causes, among others.
How many attacks could have been avoided if businesses and employees were better prepared to identify malicious content before it's too late?
Industries under fire
Ransomware doesn't stop at networks or computers; attackers are constantly evolving their tactics, and attacks can now infect even your smartphone. The Cybersecurity & Infrastructure Security Agency warns that anyone with a device connected to the internet or those with important data is at risk.
Colonial Pipeline paid the $4.4 million ransom to restore access to their network—of which $2.3 million in cryptocurrency was later recovered. And in 2020, hospitals and healthcare systems dished up billions in ransom.
No business or industry is immune: ransomware attacks are happening across multiple sectors in large and small businesses alike. But five industries rise to the top as likely targets this year: small businesses, healthcare, government agencies, energy companies and higher education, according to CDNetworks.
Whatever the business, ransomware not only compromises data but also accounts for lost productivity and impacts a company's reputation.
"The best defense against ransomware is preventing it—and it's more important than ever for companies and employees to work to prevent cyber incidents through training and good user behavior," said Paul Tucker, chief information security officer at BOK Financial.
Take the next step
On average, we might each receive around 120 emails per day, and all it takes is one wrong click.
"In our fast-paced world, it's critical for businesses to prepare themselves and their employees appropriately to safeguard against cyberattacks. So take time to read emails carefully. If something looks off, it probably is. All it takes is one wrong click to bring down your entire company," said Tucker.
But it's important to remember that it's more than just monitoring emails. Preventative measures include:
- Data backups. In the event of a ransomware attack, companies can use previous system data to restore their network.
- Regular training. Cybersecurity awareness training plays a crucial role in preventing cyberattacks of any kind, and organizations should test employees with phishing simulations to help keep cyber skills fresh.
- Be prepared. Make sure you have an incident response and business continuity plan, and routinely test it so you are ready in the event of ransomware.
- Cybersecurity insurance. Consider investing in insurance to cover extortion tactics, liability, data restoration and more. As with any insurance policy, it's best to regularly review and update the policy as the needs or size of your company change.
- Ransomware Guide. CISA and the Multi-State Information Sharing and Analysis Center released a customer-centered Ransomware Guide, aimed at equipping individuals and businesses with ways to protect against, prevent and recover from a ransomware attack.
"Ransomware isn't going away, and not all ransomware attacks are preventable," said Tucker. "But being prepared, having a cybersecurity playbook and robust programs, and investing in educating employees about the importance of cybersecurity safety will go far in protecting your business and clients."