The percentage of companies reporting financially motivated cyber attacks has doubled over the past two years, with 50% of companies experiencing a cyber attack motivated by ransom in the past year, according to Radware. As the value of bitcoin and other cryptocurrencies has appreciated, ransom attacks provide an opportunity for hackers to cash out for lucrative gains months later.
“The rapid adoption of cryptocurrencies and their subsequent rise in price has presented hackers with a clear upside that goes beyond cryptocurrencies’ anonymity,” said Carl Herberger, Vice President of Security Solutions at Radware. “Paying a hacker in these situations not only incentivizes further attacks, but it provides criminals with the vital funds they need to continue their operations.”
The threat of ransomware
The number of companies that reported ransomware attacks in which hackers use malware to encrypt data, systems, and networks until a ransom is paid – surged in the past year, increasing 40% from the 2016 survey. Companies don’t expect this threat to go away in 2018 either. One in four executives (26%) see ransom as the largest threat to their business sector in the coming year.
“Criminals used various exploits and hacks this year to encrypt vital systems, steal intellectual property, and shut down business operations, all with ransom demands attached to these actions,” Herberger said. “Between service disruptions, outages, or IP theft, hackers are leaving businesses reeling, searching for solutions after a hack occurs. As hackers and their methods become increasingly automated, it is now more important than ever for organizations to be proactive in protecting their business.”
Cyber attack ring of fire
Other key findings
- Businesses are most concerned with their data when hit with a cyber attack. Respondents noted that data leakage was their top business concern, followed by reputation loss and service outages.
- Despite one in four (24%) businesses reporting cyber attacks daily or weekly, nearly 80% of surveyed organizations have not come up with a calculation for the cost of attacks, and one in three lack a cyber security emergency response plan.
- Respondents are not quite sure who is responsible for Internet of Things (IoT) security. When asked who needs to take responsibility for IoT security, there was no clear consensus among security executives. Responses pinned responsibility on the organization managing the network (35% of responses), the manufacturer (34%), and even consumers using these devices (21%).
Organizations with a cyber-security emergency response plan in place
Radware’s Global Application and Network Security Report, now in its seventh year, is a cross-industry report compiled by Radware’s Emergency Response Team (ERT), leveraging vendor-neutral survey data from 605 IT executives spanning several industries around the globe, Radware’s hands-on experience handling today’s leading threats, as well as third-party service provider commentary.