You’d think that by this time – that is, the year 2018 – problems such as cyber and ransomware attacks would be a thing of the past in the internet technology sector, what with defense protocols and advancements in computing tech constantly in a state of forward evolution. However, such attacks can happen to any business at any time, and they are actually becoming more sophisticated in their determination to worm their way in behind firewalls and defense mechanisms.
The question then becomes…is your business up to snuff with regard to cyber/ransomware aggressiveness?
Ransomware at a Crossroads
In 2018, we are seeing threats such as ransomware approach something of a crossroads, as attacks decrease in volume yet increase in their aforementioned sophistication. From a criminal entity’s perspective, the switch to banking trojans and cryptominers has been something of a unique road to take – but there are still those lurking in the underground who continue to attack via ransomware, and they’re upping their game.
Here are some eye-opening statistics that have charted – and perhaps foreshadowed – ransomware’s somewhat “rocky” evolution in 2018.
Important Statistics About Ransomware That You Should be Aware Of
As we mentioned above, ransomware – at least for now – is on the decline, falling 30-percent over the past 12 months as cryptominer infections have increased 44.5-percent over the same time period. Beyond this stat, it may interest you to know that:
- In 2017, the number of ransomware “families” dropped 71-percent, but the number of variants increased 46-percent.
- Some 75-percent of organizations infected with ransomware in recent times were reported to be running up-to-date endpoint protection.
- Healthcare and finance remain the top targets for attacks, with nearly half of reported ransomware incidents in 2017 having involved healthcare organizations.
- Ransomware attacks are getting more costly, with the average cost-per-ransomware attack to businesses coming in at an eye-watering $133,000 in 2017.
- RDP continues to represent an overlooked attack vector, with three million endpoints boasting RDP connections currently exposed to the internet.
How More Sophisticated Attacks are Affecting SMBs
According to a survey we analyzed, nearly six out of 10 small to midsize businesses have experienced an increase in cyber and ransomware attacks, and many in the IT industry expect that trend to continue through 2019.
The top five attacks that saw the biggest increase in frequency included:
- Attacks abusing Microsoft Office programs
- Attacks installing cryptominers
- Ransomware attacks
- Attacks abusing other legitimate Windows applications (for example, PowerShell)
- Attacks utilizing worming/lateral movement components
How are criminals stepping up the sophistication of their attack game? Through a fusion of new tactics and more advanced evasion techniques designed to break down the doors of antivirus solutions – thanks, in large part, to the “commodification” of attack tools and frameworks. What this means in non-technical jargon is that today’s criminals can launch fairly advanced attack campaigns, even if they don’t boast much technical knowhow.
SMBs Turn to DMS iTech
Small and midsize companies have less time than ever to become aware of new attack approaches and prepare for them. Indeed, dealing with cyber-attacks is no longer a matter of if but when, and there is a much stronger business case to be made for prevention rather than remediation.