top of page

Understanding the Depth of Ransomware in the US; $1 Billion-a-year Industry

Ransomware has become one of the biggest cyber security threats in the world, with instances of ransomware in exploit kits increasing about 44% in the last six months. According to FBI statistics, hackers extorted business and institutions for more than $209 million in ransomware payments in the first three months of 2016.

The business of ransomware is on pace to be a $1 billion a year crime. Malwarebytes presents an exclusive survey with Osterman Research of more than 500 CIOs, CISOs and IT Directors in the U.S., Canada, Germany and the U.K. that explores the following:

  • The rising frequency and severity of ransomware attacks

  • The difference in ransomware penetration by industry

  • Which staff members are most frequently targeted and through which attack vectors

In summary:

• More than 50% of corporate decision makers consider ransomware to be a “concern” or “extreme concern”.

• Nearly 80% of organizations have been the victim of a cyber attack during the past 12 months and nearly 50% have been the victim of a ransomware attack.

• The most heavily targeted industries for ransomware are healthcare and financial services.

• Decision makers in U.S. organizations have a relatively low level of confidence in their ability to effectively stop ransomware. Just 4% of U.S. organizations are “very confident” in their organization’s ability to stop ransomware.

• Nearly 80% of organizations breached have had high-value data held for ransom.

• Nearly 70% of U.S. respondents noted ransomware attacks impacted mid level managers or higher, with 25% of incidents attacking senior executives and the C-Suite.

• U.S. organizations are highly committed to solving the ransomware problem: > 50% consider investments in end user ransomware education and technology-based solutions to be a “high” or “very high” priority.

• Globally, nearly 40% of ransomware victims paid the ransom.

• The majority of U.S. organizations believe that training end users and implementing ransomware-focused technologies are equally important.

Read full article:

bottom of page