IBM Reports Ransomware Up 33% in 2020 Q2, Ransomware Cyberinsurance Claims Rocket Up 260%
Ransomware has been racking up huge hits to companies in every sector. Grown increasingly common as phishing attack rates soar, with a more than 600% increase in phishing email bringing more ransomware risks to businesses, ransomware is a threat to every company of every size. New reporting from IBM and cyber insurers bears this out, with ransomware up 33% in 2020 alone with soaring cyberinsurance claims illustrating the increased danger and expense from this menace.
More Opportunity Means More Risk
IBM’s recent report on ransomware threats in Q2 2020 shows that ransomware is the big kid on the block right now. With a 33% increase in attacks notes, IBM says around 1 in 4 attacks it’s seeing include a ransomware component. So far in 2020, the report concludes that ransomware had nailed manufacturing companies hardest, accounting for nearly 25% of incidents. Rounding out the top 3 industries hit with ransomware are professional services at 17%, and government organizations at 13%. Ransomware has also had a serious impact on educational and healthcare sector targets in 2020.
This tracks with information recently released by North American cyber insurance giant Cotillion. The insurer reports that ransomware incidents have accounted for 41% of cyber insurance claims filed in the first half of 2020, with a 260% increase in the frequency of ransomware attacks reported by their policyholders, and the average ransom demand increasing 47%.
With ransomware up 33% in 2020, Make sure your company’s security awareness training includes phishing resistance and is refreshed at least quarterly for effectiveness. IBM also offered a few recommendations, and they dovetail perfectly with advice provided by watchdog agencies around the world: increase access control with tools like multifactor authentication (MFA) and boost penetration testing to find vulnerabilities, including phishing penetration testing.
No company is too small to be at risk for cyberattacks, including ransomware. Here’s how we can help:
Increase Access Control
Increasing access control at your business starts with making secure identity and access management a top cybersecurity priority. In a recent survey of CISO priorities in 2021, 43% of those surveyed said they’re investing in IAM ahead of areas like improving endpoint security and updating legacy infrastructure. CISA and NIST guidelines also cite secure identity and access management including MFA as a recommended mitigation for ransomware threats.
Passly is exactly what your business needs to guard against ransomware. This dynamic multitool solution gives you cutting-edge MFA with multiple delivery methods for tokens, as well as a slew of other features that help create an even stronger security posture against intrusion: single sign-on LaunchPads for every user, secure shared password vaults, easy remote management, and seamless integration with 1,000+ common business applications. The best part? Passly is cost-effective and deploys fast, getting your business protected in days, not weeks.
Increase Phishing Penetration Testing
Ransomware almost inevitably arrives at your business as the poisoned cargo of a phishing email. A precipitate increase in phishing that started at the beginning of the pandemic means that more ransomware-laden phishing emails are headed your way. As part of this surge, ransomware has become a huge problem in industries such as healthcare and education that didn’t use to be high on the cybercriminal priority list – especially as an attack surface for nation-state actors.
Increasing penetration testing against potential phishing is a critical component of a strategy to beat ransomware, and BullPhish ID answers the call. Security awareness against ransomware starts with phishing resistance. BullPhish ID makes it easy to run phishing simulations with plug-and-play phishing penetration testing campaigns to see how much of a problem your business would have in the event of a phishing-based threat like ransomware. BullPhish ID also enables you to transform your staff into savvy anti-phishing defenders with video lessons about the latest threats and use online testing to measure retention in a flash.
