Every second company pays ransom

July 31, 2023
| No comments
B2B Cyber ​​Security ShortNews

Share post

Cybercrime is not only a danger for companies, but also an alarmingly successful business model: a ransomware attack led to a ransom payment for almost every second company in Germany (45%).

For smaller companies with up to 1.000 employees, it was even more than half, at 55 percent. This is the result of a SoSafe survey of more than 1.000 safety officers from six European countries, which was published in the Human Risk Review 2023.

Ransomware pays off for the attackers

Compared to other European companies, companies in Germany pay more often than those in the UK (38%) and France (30%). In contrast, more ransom payments are made by Dutch companies (46%). Ransomware also remains one of the most common types of cyberattacks, according to the research: one in three organizations (32%) that have been the victim of a cyberattack in the past three years was attacked with ransomware. “The number of ransomware attacks is alarmingly high. The fact is, ransomware is worthwhile for the attackers and will therefore remain an integral part of their repertoire," says Dr. Niklas Hellemann, CEO and founder of SoSafe.

Ransomware-as-a-Service

One of the reasons for this development is the professionalization of cybercrime. Cyber ​​criminals are constantly developing their business models and theoretically making their malware accessible to everyone via "ransomware-as-a-service" (RaaS) on the Dark Web in exchange for payments with cryptocurrencies - even with different subscription models and their own customer support. Even laypeople without IT or hacking knowledge can carry out highly effective blackmail attacks. New technologies also accelerate this process. In particular, artificial intelligence (AI) and tools such as ChatGPT offer cyber criminals enormous scaling potential for their cyber attacks - initial studies by SoSafe, for example, show a time saving of at least 40 percent in phishing attacks, the main gateway for ransomware.

“The emergence and evolution of the ransomware-as-a-service business model demonstrates how cybercriminals are adapting and diversifying their business strategies to expand their illegal activities. And these ransomware attacks can be very harmful,” says Hellemann. “Recent IBM research shows that a successful ransomware incident costs organizations an average of $4,54 million, not including ransom demands. It can be expected that this type of attack will become more numerous and widespread in the future. It is all the more important to optimize your own security strategy and keep up with the innovations of the digital age. To do this, investments should not only be made in new tools and technologies, but above all in the human factor in order to promote a human-centric safety culture.”

Tips for dealing with ransomware attacks

Preventing ransomware attacks is a daunting task. However, security measures focus not only on prevention but also on mitigating the potential consequences of a security incident. In the case of a ransomware attack, the main concern is protection against data loss. Companies can take the following measures:

  • the restriction of the administrative rights of employees,
  • the review and implementation of effective password policies and
  • the introduction of strict access management at the server level.

Because many ransomware attacks, including phishing attacks, primarily target the human layer of security and often begin with some form of social engineering, an effective cybersecurity strategy must also include regular awareness training. By promoting the security behavior of their employees and strengthening their resilience, organizations can minimize the risk of a cyber attack.

More at SoSafe.com

 

About SoSafe

SoSafe helps organizations build their security culture and mitigate risk with its GDPR-compliant awareness platform. 2018 by Dr. Founded by Niklas Hellemann, Lukas Schaefer and Felix Schürholz, SoSafe now has more than 4.000 customers worldwide and is one of the leading providers of security awareness and training in Europe. With behavioral psychology elements and smart algorithms, SoSafe enables personalized learning experiences and attack simulations that motivate and train employees to actively protect themselves from online threats.

 

Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Printers as a security risk

Corporate printer fleets are increasingly becoming a blind spot and pose enormous problems for their efficiency and security. ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

AI on Enterprise Storage fights ransomware in real time

NetApp is one of the first to integrate artificial intelligence (AI) and machine learning (ML) directly into primary storage to combat ransomware ➡ Read more

Short news
, , , ,