Ransomware is the monster under the bed for IT teams. These days cybercriminals aren’t just stealing your data either – ransomware is being used to shut down utilities, disrupt manufacturing, interrupt education and bring business to a screeching halt for thousands of companies every day. Plus, double extortion ransomware enables cybercrimnals to sell you your unencrypted data back twice. Ransomware is almost always the poisonous cargo of a phishing attack. As these facts about ransomware show, protecting your business from ransomware starts with protecting it from phishing – and Graphus can help with that.
These 10 facts about ransomware in 2021 illustrate just how dangerous phishing is for your business.
- 75% of organizations worldwide were hit with at least one phishing attack in 2020.
- 50% of all ransomware attacks in 2020 used double extortion ransomware
- 65% of active cybercriminal gangs use spear phishing as their favored method of delivery for ransomware
- Ransomware cyberinsurance claims grew by 260% in 2020
- A cyberattack is launched every 39 seconds.
- 51% of businesses were victims of ransomware in 2020
- 48 % of infectious attachments that contain malware like ransomware are Office files.
- 94% of ransomware and other nasty malware arrives at businesses via email
- More than 80% of reported security incidents are phishing-related
- Experts estimate that a ransomware attack will take place every 11 seconds in 2021
- See if your email security solution is getting the job done to secure your business with our checklist Can Your Email Security Do These 10 Things?
The Ransomware Attack Lifecycle
Ransomware usually starts as an email, carefully designed to trick the target into interacting with it. Once that target swallows the bait by downloading a file or clicking a link to a website, it infects your systems and starts doing its nasty work. Here’s the typical lifecycle of a ransomware attack:
- Cybercriminals decide to target your company and plan to take your data and systems hostage.
- They use information gathered from many sources (including the Dark Web) to carefully craft a phishing email that will be especially appealing to your staff.
- The email makes it past your security and lands in your employees’ inboxes.
- One of your employees takes the bait, opens the email, and interacts with it by visiting a poisoned website or downloading a tainted attachment.
- The malicious payload infects that computer with a ransomware client that takes control of it.
- The infected computer then establishes a connection with the cybercriminals’ network to begin freezing your systems or encrypting your data.
- The cybercriminals contact you offering the encryption key that unlocks your systems and data – for a price, payable in cryptocurrency.
- You have two choices: Pay the ransom or restore your data and systems in another way.
How Big of a Problem is Ransomware?
Ransomware was the most common reason behind Microsoft incident response engagements from October 2019 through July 2020.
One in four attacks that IBM Security X-Force Incident Response remediated in 2020 were caused by ransomware.
Ransomware has become such a widespread problem that CISA established a new one-stop resource center to help organizations stem the tide of attack in January 2021.
AI-Powered Phishing Defense Helps Stem the Tide of Ransomware Risk
Powered by AI technology, Graphus learns and evolves with your business to provide advanced protection against phishing, ransomware, malware, spear phishing, business email compromise (BEC) scams, account take over (ATO) attacks, and malicious attachments and web links.
- TrustGraph keeps phishing email away from employee inboxes by analyzing over 50 different attributes of your employees’ communications, including the devices they use, who they message most, what time of day they communicate, and more to detect suspicious email.
- EmployeeShield places warning banners on messages that may be unwanted and Phish911 empowers employees to report potential phishing email with just one click.
- Messages that are flagged as potential phishing threats are removed from every employee’s inbox as soon as they’re reported and quarantined for further review by IT staff to avoid accidents.
- Affordable automation and instant configuration mean you avoid the soft-costs that typically accompany new security solutions, freeing the IT team to focus on other activities and increasing operational efficiency.
- See how security automation saves businesses money in the eBook Automated Email Security Makes Cents.
- The smart algorithm never stops learning, refining your protection against new threats by harvesting data that helps it make future decisions without relying on traditional threat intelligence or human intervention with patches and updates.
Getting the facts about ransomware can help you develop an effective strategy to fight back against it. Contact our experts to see how smart, affordable, automated phishing defense from Graphus will benefit your business today.