The current "State of the Phish" report shows that ransomware poses a growing threat to German companies. Ransomware attacks wreak havoc, and paying does not reliably help: only 4 out of 10 companies that pay get all of their data back.
That's according to the ninth annual State of the Phish report released today by the cybersecurity and compliance firm Proofpoint. 85 percent of German companies were hit by a ransomware attack last year, and 63 percent of those attacks were successful.
Paying the ransom: only 41 percent get their data back
Less than half (41 percent) of the affected companies regained access to their data after the first ransom payment. Eighty-nine percent of German companies (89 percent globally) that were targeted by email-based attacks had at least one such attack succeed, and 84 percent reported direct financial losses. This is a significant increase compared to 2021, when 31 percent of German organizations reported direct financial losses. Globally, direct financial losses grew by a worrying 14 percent compared to 2021. Cyber criminals are increasingly turning to lesser-known attack methods to reach their goals, without neglecting the tried and tested ones.
Strong ransomware devastation
Only 41 percent of the affected German companies regained access to their data after the first ransom payment, and more than two-thirds of companies worldwide suffered multiple, separate ransomware infections. Most infected companies paid, many more than once.
Of the German companies hit by ransomware, the overwhelming majority (95 percent vs. 90 percent globally) had cyber insurance covering ransomware attacks, and most insurers were willing to pay part or all of the ransom (87 percent vs. 82 percent worldwide). This helps explain the high willingness to pay: 81 percent of the infected German companies (64 percent worldwide) paid a ransom at least once.
Large scale, more sophisticated email threats
Over the past year, hundreds of thousands of telephone-oriented attack delivery (TOAD) lures and MFA-bypass phishing messages have been sent every day. These threats are so pervasive that they affect almost every organization. At its peak, Proofpoint saw more than 600,000 TOAD attacks per day: emails that contain no malicious link or attachment but urge the recipient to phone a number that leads to an attacker-run call center, where the "agent" talks the victim into installing remote-access software or making a payment. The volume of these attacks has risen steadily since the technique first appeared in late 2021.
Cybercriminals now also have several methods for bypassing MFA, and many phishing-as-a-service providers have integrated adversary-in-the-middle (AitM) tools into their standard phishing kits. An AitM kit proxies the genuine login page, so the victim completes the real MFA prompt and the kit captures the resulting session cookie; one-time codes and push approvals offer no protection against this, whereas origin-bound, phishing-resistant MFA such as FIDO2/WebAuthn does.
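Because a TOAD lure carries no link or attachment, URL and attachment scanners never fire on it; the only indicator is a phone number presented as the sole call to action, wrapped in a billing or renewal pretext and urgency. The following Python triage script is an added example, not Proofpoint's detection logic: the cue lists, weights and threshold are assumptions chosen for illustration, and the three sample emails (including the brand name and phone number) are constructed.

```python
"""Heuristic triage for telephone-oriented attack delivery (TOAD) lures.

Added example, not Proofpoint's detection logic. The cue lists, weights and
threshold are assumptions for illustration; the sample emails are constructed.
"""
import re
from dataclasses import dataclass, field

# Candidate phone numbers: optional "+", then digits mixed with spaces, brackets, dots, dashes.
PHONE_CANDIDATE_RE = re.compile(r"\+?\d[\d\s().-]{7,}\d")
URL_RE = re.compile(r"https?://\S+|www\.\S+", re.IGNORECASE)

# Assumed cue lists (lower-case substrings); tune against real mail before relying on them.
CALL_CUES = ("call us", "call now", "call our", "contact our support",
             "phone", "hotline", "helpline", "toll-free")
LURE_THEMES = ("invoice", "subscription", "renewal", "charged", "refund",
               "order", "payment", "suspended", "account")
URGENCY_CUES = ("within 24 hours", "immediately", "today", "urgent", "to cancel")


def extract_phone_numbers(text: str) -> list[str]:
    """Return candidates with 10-15 digits, which drops dates, amounts and order ids."""
    found = []
    for m in PHONE_CANDIDATE_RE.finditer(text):
        digits = sum(ch.isdigit() for ch in m.group())
        if 10 <= digits <= 15:
            found.append(m.group().strip())
    return found


@dataclass
class Verdict:
    score: int
    is_toad: bool
    reasons: list[str] = field(default_factory=list)


def score_toad(subject: str, body: str, threshold: int = 4) -> Verdict:
    """Score a message for TOAD traits: the only call to action is a phone number."""
    text = f"{subject}\n{body}".lower()
    phones = extract_phone_numbers(body)
    urls = URL_RE.findall(body)
    score, reasons = 0, []
    if phones:
        score += 2
        reasons.append(f"phone number in body: {phones[0]}")
    if any(cue in text for cue in CALL_CUES):
        score += 1
        reasons.append("asks the recipient to phone someone")
    if any(theme in text for theme in LURE_THEMES):
        score += 1
        reasons.append("billing/subscription/account pretext")
    if any(cue in text for cue in URGENCY_CUES):
        score += 1
        reasons.append("urgency language")
    if phones and not urls:
        score += 1
        reasons.append("no link: the phone call is the only action offered")
    return Verdict(score, score >= threshold, reasons)


# Constructed sample messages (not real mail); brand and number are invented.
SAMPLES = {
    "toad_renewal": (
        "Your AntiVirusPro subscription has been renewed",
        "Dear customer, your annual AntiVirusPro plan was renewed and $349.99 will be "
        "charged to your card today. If you did not authorize this, call our billing "
        "department immediately at +1 (888) 555-0142 to cancel.",
    ),
    "benign_internal": (
        "Q3 numbers",
        "Hi team, the Q3 deck is attached. Let's discuss on Thursday at 10:00. "
        "Slides: https://intranet.example/q3-review",
    ),
    "benign_receipt": (
        "Your order #4521",
        "Thanks for your order #4521. Your receipt: https://shop.example/r/4521. "
        "Questions? Our support line is 020 7946 0958.",
    ),
}


def triage_samples() -> dict[str, Verdict]:
    """Run the scorer over the constructed samples and return one Verdict per message."""
    return {name: score_toad(subject, body) for name, (subject, body) in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in triage_samples().items():
        flag = "TOAD?" if verdict.is_toad else "ok"
        print(f"{name:16} score={verdict.score} {flag:5} {'; '.join(verdict.reasons)}")
```

The receipt sample shows why the "phone number and no link" signal matters: a legitimate transactional mail usually offers a web link as the primary action and a phone number only as a secondary contact, so it scores below the threshold, while the renewal lure scores on every trait. In a real mail pipeline these signals would feed a classifier alongside sender reputation and header analysis rather than stand alone.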
Cyber hygiene improvements needed
Cybercriminals are constantly evolving, and this year's report shows once again that most employees have gaps in security awareness. Even basic cyber threats are still poorly understood: more than a third of survey participants cannot define "malware", "phishing" or "ransomware". In addition, only 56 percent of German companies train their entire workforce with a security awareness program, and only 34 percent run phishing simulations, both of which are important components of an effective security awareness program.
This year's "State of the Phish" report provides a detailed overview of current threats to IT security and is based on Proofpoint's own telemetry: more than 18 million suspicious emails reported by users and 135 million simulated phishing attacks over a one-year period. The study also surveys 7,500 employees and 1,050 security professionals from 15 countries, revealing alarming gaps in security awareness and cyber hygiene.
More at Proofpoint.com
About Proofpoint: Proofpoint, Inc. is a leading cybersecurity company. Proofpoint focuses on protecting people, since they are both a company's greatest asset and its greatest risk. With an integrated suite of cloud-based cybersecurity solutions, Proofpoint helps organizations around the world stop targeted threats, protect their data, and educate enterprise IT users about the risks of cyberattacks.