Two years ago, ransomware was largely considered as a 'spray & pray' type of attack.
Today it is one of the fastest growing threats in cyber security, with global damages predicted to reach £15 billion by the end of 2021 (that's up from £262m in 2015) and attacks moving towards 'big game hunting' - far more sophisticated attacks against victims that can yield a greater financial pay-off.
- 97% of phishing emails deliver ransomware
- 70% of victims pay the money
- 42% of victims have recovered all of their data
- 1 in 4 victims have never recovered their data
Evidently the risk of ransomware is not going to subside as the world continues into another year of remote working and the employees of organisations continue to use home internet connections; many home connections are far less protected than corporate networks.
Not only does this increase the chances of actors gaining entry to an organisation’s systems, but it also raises questions of liability.
Who is responsible if someone’s home network is taken out as collateral damage during an enterprise hack? Is it the responsibility of the company to ensure their employees home networks are secure? This year will likely bring such discussions to the forefront of cyber security and insurance protocols.
While 2021 will be a boom time for ransomware attackers, solutions such as cloud-delivered, AI-driven security that can react in real time will help us defend ourselves against them. But all enterprises will also have to look hard at their cybersecurity measures and understand that “good-enough security” isn’t good enough at all.