Every month, we look forward to reading the latest statistics about ransomware from diligent research done by BlackFog, a global cyber security company that has pioneered technology to protect companies from global security threats such as ransomware, spyware, malware, phishing, unauthorized data collection, and profiling.
Unfortunately for business owners, the State of Ransomware Report for September 2024 paints a sobering picture. Below are the key takeaways that stood out to us.
1. Ransomware rates remain very high.
September 2024 had the second-highest number of ransomware attacks for the year globally, with 65 publicly disclosed events, including one at Seattle-Tacoma Airport and a $6 million demand for bitcoin. BlackFog uses a metric of 6:1 to estimate undisclosed incidents, indicating that more than 400 businesses, large and small, had to deal with this type of major incident in September.
2. Data theft is nearly universal.
A staggering 93 percent of all ransomware attacks now involve the exfiltration of organizational data before encrypting/destroying computers. This means that even if backups are immutable and IT’s detection software stops the spread, attackers may still have a copy of sensitive records to leverage against you… simply to increase the likelihood that a ransom will be paid.
3. More companies are paying the ransom.
The average ransom payout is $391,015 (up 2.4 percent from Q1 2024), and 43 percent of data exfiltration victims are now paying ransom, up from 36 percent in Q1.
While the growth of cyber insurance may contribute to this trend, the frequency of attacks is unlikely to decline as long as they remain financially lucrative for attackers.
4. U.S. healthcare, government, and education sectors are prime targets.
These three sectors continue to lead in volume, with 269 total attacks in September 2024. They now face more than double the attacks of any other sector.
5. Cyber security action steps for business leaders have not changed.
Business leaders should continue to:
- Manage cyber security risk as a formal program – in partnership with IT – but not inside it. IT cannot do security in their spare time!
- Ensure regular cyber security training for all employees. Phishing emails and unpatched software vulnerabilities remain the top two ways that ransomware gets in.
- Evaluate and strengthen incident response plans. Sophisticated attacks can circumvent even the best tech. The next best way to limit the damage is to have a smart, well-rehearsed response plan where everybody knows their role. Try not to hang all of this responsibility on one person!
If you need a trusted advisor to help strengthen your company’s cyber security defenses, contact Kreischer Miller’s Technology Solutions Group, or request a complimentary one-hour Cyber Health Check-up session with Rob Wilkinson.