Malwarebytes™, the leading advanced malware prevention, and remediation solution released its “Second Annual State of Ransomware Report” today, conducted by Osterman Research. The multi-country study surveyed 1,054 companies across the United States, France, U.K., Germany, Australia, and Singapore and revealed that almost half (49 per cent) of UK businesses believe the ransom demanded should be paid following a ransomware attack, compared to 42 per cent globally. Among UK-based organisations that did not pay the extortion fee, 46 per cent lost files, the highest among the geographies surveyed.
The Osterman Research report, “Second Annual State of Ransomware Report,” sponsored by Malwarebytes explores attack frequency, impacts in business environments, cost, attitudes towards payments, impact, preparedness and more. Globally, most organisations experienced attacks and breaches during the past year, with 35 per cent of businesses suffering a ransomware attack specifically. In the UK, this number was higher with 37 percent of organisations admitting to a ransomware attack during the last 12 months. Concerningly, most of those had been victimised more than five times during the past year.
The research also revealed that the downtime caused following a ransomware attack was more devastating for a business than the fees demanded. For nearly three in five of the organisations that were infected with ransomware, the ransom demanded was $1,000 or less. However, for 15 per cent of impacted organisations in the UK, a ransomware infection caused 25 or more hours of downtime, with some organisations reporting that it caused systems to be down for more than 100 hours
“Businesses of all sizes are increasingly at risk for ransomware attacks,” said Marcin Kleczynski, Malwarebytes CEO. “However, the stakes of a single attack for a small business are far different from the stakes of a single attack for an enterprise. Our findings demonstrate that SMBs are suffering in the wake of attacks to the point where they must shut down operations. To make matters worse, most of them lack the confidence in preventing attacks; despite significant investments in defensive technologies. As a security community, it’s important that we thoroughly understand the battles that these companies are facing, so we can better protect them.”
Other UK findings include:
- UK most likely to pay the ransom, evaluating ransom demands on a case-by-case basis: 56.9% of businesses surveyed opted not to pay the ransom, and 46.2% lost files by not paying the ransom; in comparison, 84.1% of French businesses surveyed opted not to pay the ransom, and only 24.5% lost files by not paying the ransom
- This may be because the UK is the least confident when it comes to combating ransomware: While the global average of businesses expressing little or no confidence in their ability to address ransomware was 10.7%, this varied from a low of 1.7% and 2.3% in Germany and France, respectively, to a high of 19.5% in the United Kingdom — quite possibly due to the highly publicised impact of WannaCry infecting the NHS, which of course is a much larger and more funded organisation than the businesses surveyed
- The UK’s lack of confidence may be well-placed, as it’s the most clueless nation when it comes to identifying the source of ransomware: Among organisations that did not know the source of the most severe ransomware infection they had experienced, organisations in the United Kingdom were most likely not to know the source (35.4%) and the lowest was the United States (8.6%)
- At the same time, despite lack of confidence, UK companies proved very resilient when faced with a ransomware attack: Only 17.6% of UK-based organisations reported that the most severe ransomware infection they experienced stopped business immediately, compared to 34.3% of French businesses
“It’s clear from these findings that there is widespread awareness of the threat of ransomware among businesses, but many are not yet confident or equipped in their ability to deal with it,” said Adam Kujawa, Head of Malware Intelligence, Malwarebytes. “Most surprising is the lack of concern from the transportation industry. According to our SMB and ransomware survey they are the least concerned, when in reality they should be the most concerned. The connected infrastructure within a transportation environment is growing along with the number of attack surfaces. Combine that with an increase in attacks on public transportation entities over the last year and the potential for disaster is massive. Industries of all sizes need to remain vigilant and continue to place a higher priority on protecting themselves against ransomware.”
To view the full global “Second Annual State of Ransomware” report for more detailed findings and analysis, visit https://go.malwarebytes.com/OstermanRansomware2017_PRSocial.html.