Ransomware continues to pose a real issue for SMBs, with cybercrime evolving and becoming more sophisticated every day. In order to get a grasp on the scope of the situation, an independent survey of 5,000 IT/cybersecurity leaders was conducted in the first two months of 2024. The participants were companies with 100-5,000 employees across 14 countries, including 855 participants in the United States. The respondents were asked to answer based on their experiences over the last year. (Source)
While some smaller companies may feel that ransomware is not a threat, these statistics suggest that organizations of all sizes should be diligent and proactive in responding.
- 58% of American companies were the victims of a ransomware attack in the last twelve months. Globally, 59% of participants reported that their organization had experienced this type of attack in the last twelve months. This number is actually down from 68% in 2023.
- 44% of computers were affected by a ransomware attack on some level; the global average is 49%.
- The most common method of attack against U.S. organizations (33%) was compromised personal information (such as passwords). Exploiting vulnerabilities in security protocols was the second most frequent avenue of attack(32%).
- 58% of ransomware attacks caused data to become encrypted, significantly below the worldwide average of 70%.
- Data was stolen in 39% of incidents, above the global average of 32% – and more than double than the levels in 2022.
- In 94% of ransomware attacks in both the United States and around the world, cybercriminals attempted to compromise the company backups. 66% of these attempts were successfully executed.
- U.S. companies are more likely to get their data back by paying the ransom (62%) than using backups (61%). This marks the first time that paying to recover data surpassed utilizing backups. Relying on backups is still the most common method for restoring data (68%) versus 56% that paid the ransom demand.
- 232 United States participants shared the initial ransom demand, revealing that the mean ransom demand was $5,198,491.
- 81% of ransom demands represented $1 million or more.
- The ransom actually paid in the United States was, on average, 81% of the initial demand. Global organizations paid 94% of the initial demand.
- 78% of ransom payments in the United States are funded from multiple financial sources.
- Cyber and business insurance providers paid a portion of the ransom in four out of five of incidents,
but only paid the entirety of the ransom in 2% of events. - The average cost of recovering from a ransomware attack was reported at $2.91 million, which includes downtime, human resources, hardware and network costs, and opportunity costs but does NOT include any ransom paid.
- Nearly all U.S. ransomware victims reported the attack to law enforcement and/or an official government body – only 2% do not. Over 60% of those respondents said they were satisfied with how easy it was to engage with law enforcement, while 39% found it somewhat or very difficult to work with law enforcement on this matter.
Partnering with Managed Services is a Smart Ransomware Strategy
While the overall rate of ransomware attacks has lessened over the last 12 months, the consequences of those attacks have increased. In fact, here is one last statistic to consider – organizations are spending more time in the recovery phase than ever before. Only 36% were fully recovered in a week, and 35% took up to 6 months – compared to 45% and 18% in 2023. This means that downtime after an attack is significant and can severely disrupt your operations, revenue, and competitive edge.
As cyber criminals become more sophisticated in their attack strategies, it’s vital to keep pace. Managed services can help you to automate your backups, create a redundancy plan and develop a rapid recovery strategy – all without additional capital investment on your part. Are you ready to learn more? Call Alliance IT today.