Manufacturing Represents 62% of all Ransomware Payments
In 2017 Kivu facilitated ransom payments of over $17m for over 143 cases. Of this they took 63 of those cases and identified trends that they released in a report detailing what industries where hardest hit and who had the largest payouts.
Ransomware Attack Myth
It’s a common misconception that ransomware attacks target only big businesses when in reality they target organizations of all shapes and sizes. Often going after the small to mid-range business as they don’t have the same budgets or IT personnel to invest in cybersecurity.
Picture Paid Ransomware cases
Image courtesy of Kivu Consulting
Part of Kivu’s paid ransom report shows that although manufacturing represented only 18% of the cases, manufacturing paid out 62% of the total sum of all ransom paid between all cases analyzed. The highest paid ransom at almost $2m! 67% of paid ransomware attacks against manufacturing came from a single variant the Ryuk crypto-ransomware.
Ransomware Incident Response: Once infected, the victim then has three options:
- Restore from Backup. Historically this has been doable but, in many cases, business still paid the ransom even when they had viable backups. Primarily it was cheaper to pay the ransom then go through a logistical nightmare and operational outage to try and recover all the data. Recovery can take days and sometimes full recovery over a week depending on the backups the business was using.
Now in 2020 hacker groups have introduced a growing trend that they are no longer are satisfied with holding data hostage. There is a strong and swift pivot for hacker groups to not only hold data ransom but to also steal your data to gain more leverage even if you have a backup to restore from. If their ransom demands aren’t met, they release the data on the dark web which exposes businesses to potential legal, reputational and compliance complications.
- Pay the ransom and go through the process of decrypting the data. (The bad actors don’t make it easy. They give you decryption key and you must go through all the work of recovering your data via decryption tools. They don’t do it for you.) The FBI also strongly discourages payment of ransom for with the notion that if businesses didn’t pay, the bad actors wouldn’t do it anymore. The problem is that ransomware pays extremely well and over 90% of those who get ransomware end up paying out the ransom.
- Don’t pay the ransom and forfeit the data. You are then at the mercy of the attackers on whether they publish your data on the dark web.
Average cost to a ransomware attack image - The State of Ransomware 2020 - Sophos
Better to know your risks and vulnerabilities than to assume everything is OK. Reach Out for a FREE Vulnerability evaluation and we can help assess where you are at and help you build a roadmap for managing modern cyber risks.
Teknologize has clients throughout the Pacific Northwest with offices located in the Tri-Cities, Washington 509.396.6640 and Bend, Oregon 541.848.6072.