Ransomware attacks to quadruple in 2016, study finds
Based on the trends from the first nine months of 2016, the number of ransomware attacks this year will be four times higher than last year, according to data from Beazley, a data breach response insurance company.
Ransoms sought from targeted companies remain low, often in the region of $1,000; however, a ransom is not the only cost incurred by a company that suffers such an attack, Beazley said. For example, after a ransomware attack, typically an extensive review of company systems and data is required to ensure that the malware has been removed and data is clean.
During the first nine months of 2016, the Beazley Breach Response Services unit managed 1,437 data breaches on behalf of clients, compared with 931 breaches during the same period in 2015, the company reported.
Learn more at the Privacy & Security Forum in Boston Dec. 5-7, 2016.
“From what we are seeing, it appears that many hackers are finding it easier to make money by holding companies to ransom for bitcoin than through selling personal data on the dark web,” said Katherine Keefe, global head of Beazley Breach Response Services. “But the persistently high levels of hacking and malware attacks of all kinds are a reminder that organizations across industries, and of all sizes, need actionable plans ready to implement when a breach occurs.”
Analysis of the 1,437 breaches the Beazley Breach Response Services unit handled so far in 2016 revealed:
- Ransomware attacks are soaring. Beazley’s clients were the targets of more attacks in July and August of 2016 (52) than in all of 2015 (43).
- Hacks are persistent. The proportion of data breaches deriving from hacking and malware attacks in the first nine months of this year across all industries stood at 31 percent, in line with the percentage of such incidents observed in 2015 (32 percent).
- Hackers are focusing more attention on financial institutions. Financial institutions are facing a higher proportion of breaches involving hacking and malware.
- For healthcare providers, human error presents a larger risk. Within healthcare organizations, breaches caused by unintended disclosure represented 40 percent of all incidents in 2016 to date, a sharp rise from 28 percent in the first three quarters of 2015. This is connected to the large amount of information shared between organizations in this industry.
- Hackers or malware caused 19 percent of healthcare breaches, down from 28 percent in 2015.
Ransomware will be among the topics experts address at the Privacy & Security Forum takes place in Boston Dec. 5-7, 2016. What to expect:
⇒ How to beat back hackers and savvy cybercriminals? Delve into the dark web
⇒ A CISO, consultant, and infosec vendor nail down cybersecurity best practices
⇒ Gone' phishin': Mayo Clinic shares tips for fending off attacks
⇒ What's the fundamental problem with cybersecurity? Relying on the Internet
⇒ Security budgets grow but breaches continue unless hospitals adopt best practices
⇒ Think offshoring PHI is safe? You may not be covered if a business associate breaches data