Are ransom payers fueling ransomware?

A new CyberEdge Group report uncovered two trends that are stimulating record-setting ransomware attacks:

  • More ransom payers are successfully recovering their data. In 2018, only 49 percent of ransom payers successfully recovered their data. That number rose to 61 percent in 2019. Today, 67 percent of ransom payers have recovered their data.
  • More payments are incentivizing the ransomware industry. In 2018, only 39 percent of ransomware victims actually paid the ransom. In 2019, that number rose to 45 percent. Today, an alarming 58 percent of victimized organizations have paid ransoms.

Following the company’s announcement that less than half of ransom payers successfully recovered their data that year, cybercriminals started to realize that withholding encrypted data after receiving ransom payments is bad for business.

Since then, data recovery rates for ransom payers have gone up. Unfortunately, the increased likelihood for data recovery is motivating more organizations to pay ransoms, which in turn is stimulating growth of the ransomware industry. Last year, 56 percent of organizations were compromised by ransomware. That number rose to 62 percent this year – a new record.

ransom payers

“This year, both good news and bad news are stimulating growth of the multi-billion-dollar ransomware industry,” says Steve Piper, founder and CEO of CyberEdge Group.

“To combat ransomware and other threats, I advise IT security organizations to invest wisely in products that continuously discover and patch vulnerabilities, uncover advanced threats using machine learning and artificial intelligence, and continuously back up their data everywhere.

“I also recommend organizations invest more in their people, including training and certification for IT security personnel and ongoing security awareness training for all employees. Never underestimate the value of the human firewall.”

Severe staffing shortages plague IT security

A severe shortage of IT security talent is driving important changes in technology and practices. The report found 85 percent of organizations are experiencing a shortfall of skilled IT security personnel, and survey respondents cited “lack of skilled personnel” as their biggest obstacle to adequately defending against cyberthreats.

This crisis is leading to strong preferences for technologies that can increase the productivity of existing IT security teams, such as security orchestration, automation and response (SOAR), advanced security analytics, and security products that feature ML and AI technologies.

Additional key findings

The report yielded dozens of insights into the challenges IT security professionals faced last year and the challenges they’ll likely continue to face for the rest of this year. Key findings include:

  • Successful cyberattacks at record levels. For the first time in CDR history, four out of five organizations (81 percent) experienced at least one successful cyberattack, up from 78 percent the prior year.
  • Hottest security technologies for 2020. Next-generation firewalls (NGFWs), containerization (e.g., browser isolation, micro-virtualization), application container security tools, threat intelligence platforms (TIPs) and services, and SOAR are among the most sought-after security technologies in 2020.
  • The new app security “must haves.” API gateways, database firewalls, and web application firewalls (WAFs) are this year’s most widely deployed application and data security technologies.
  • Decryption deficit. Surprisingly, only a third (35 percent) of SSL/TLS-encrypted web traffic is decrypted for inspection by network security devices, opening up the door to undetectable encrypted cyberthreats and associated data exfiltration.
  • Training and certification in demand. The vast majority of IT security professionals (87 percent) who haven’t received formal training would welcome it. Two-thirds (67 percent) of IT security professionals who haven’t yet achieved a security professional certification plan to get started in 2020.
  • Security’s weakest links. For the third straight year, application containers are rated as the IT component most difficult to secure, followed by operational technology (OT), Internet of things (IoT) devices, and mobile devices.
  • Putting trust in zero trust. Of those organizations who haven’t started assembling a zero-trust network architecture, 67 percent plan to get started in 2020.
  • Security’s slice of the IT budget pie. On average, IT security consumes 12.8 percent of the overall IT budget, up from 12.5 and 12.1 percent in the preceding two years.

Don't miss