June 13 — Data from Radware’s 2018 Executive Application & Network Security Report shows that incidents of ransomware attacks have grown significantly in the last two years, particularly in the Americas.
While ransomware doesn’t break the top two types of cyberattacks for companies in Europe and the Middle East and the Asia Pacific region, it is the number one type of cyberattack experienced by companies in the Americas. Those in Europe and the Middle East are more likely to be targeted with malware, advanced persistent or socially engineered attacks, while firms in the Asia Pacific region face malware and internet of things botnets as well as socially engineered and web application attacks.
In 2016, only 14 percent of reported cyberattacks were ransom attacks, a number that decreased to 12 percent in 2017. But in 2018, that number has jumped to 69 percent of all reported attacks, and two-thirds of the respondents to Radware’s survey reported being victims of ransomware.
Moreover, most of the companies that faced a ransomware attack paid the ransom, and it wasn’t usually cheap:
Yes, we paid:
- 5 percent, less than $1,000
- 27 percent, between $1,000 and $10,000
- 21 percent, more than $10,000
- 4 percent, it’s still ongoing
No, we did not pay:
- 12 percent, were attacked but did not pay
- 31 percent, have not faced a ransom attack
“A ransom payment may make the problem go away for now, but these types of responses won’t drive a business forward,” said Anna Convery-Pelletier, chief marketing officer at Radware. “A reactionary security strategy limits an organization’s ability to secure customer data, protect their brand’s reputation and achieve business goals. Investing in appropriate security solutions is no longer simply an IT expense, it is fundamental to a business’ long term success.”