More Than Three-Quarters of Businesses Have Experienced a Ransomware Attack

June 30, 2022

Ransomware is on the rise. In a recent survey by Hitachi Vantara and Enterprise Strategy Group (ESG) 79% of respondents disclosed that they had experienced a ransomware attack in the last 12 months. Digging deeper, 73% reported that they have been financially or operationally impacted by these attacks.  Ransomware readiness has never been more important for organizations. The ransomware problem isn’t something that will be going away anytime soon. By analyzing how ransomware has impacted business in the last few years, it’s easy to detect a pattern that indicates that ransomware challenges will only escalate for businesses this year and going forward. 


Excerpted in part from our eBook The Rise of Ransomware. READ IT NOW>>


Growing Email Volume Brings Growing Ransomware Trouble


An estimated 714 million attempted ransomware attacks were launched by the close of 2021 — a 134% increase over the previous year. As the favored tool of bad guys ranging from greedy cybercriminals to nation-state threat actors, this devastating cyberattack is a menace to businesses of every size, in every industry. Cybersecurity Ventures estimates the worldwide cost of ransomware at $20 billion in 2021. That number is expected to rise to $265 billion by 2031. The ransomware crisis just keeps getting worse — and harder to defend against. 

One reason for that difficulty is that the most common attack vector for ransomware is spear phishing, and phishing has exploded. The top data breach threat for three consecutive years, phishing is a plague on organizations. 80% of IT professionals saw a substantial increase in phishing attacks including those carrying ransomware in 2021. Consistently rising email volumes from remote work and shifts to more cloud-based operations for businesses give cybercriminals more chances to get phishing messages that carry ransomware into employee inboxes. Far too often, humans unwittingly help attackers gain a foothold in company networks or devices because they fall victim to the lure of a phishing email. An estimated 97% of employees in a wide array of industries are unable to recognize a sophisticated phishing email. 

Email Volumes in Billions Estimated 

2017269
2018281
2019294
2020306
2021320

Source: Statista


See 10 reasons why Graphus is better than other email security solutions. SEE THE LIST>>


 Old Tricks, New Victims


As the world grows more interconnected, ransomware practitioners have expanded their operations to include industries and organizations that weren’t previously on the hit list. An estimated 50% of ransomware attacks in 2021 hit businesses with less than 100 employees. The rise of the ransomware-as-a-service model that empowers smaller cybercrime groups to punch above their weight class has also contributed to the flood of ransomware attacks that businesses face daily. 

Ransomware practitioners are also seeking new sources of highly desirable (and profitable) data. The Verizon/Ponemon Data Breach Investigations Report 2021 reports that the number of data breaches that involve ransomware doubled in 2021. About 70% of data loss incidents were the result of “obscuration”, a classification that is used in this report to identify breaches that are the result of data encryption during a successful ransomware attack. 


Explore today’s biggest threats & what’s next in The State of Email Security 2022 GET IT>>


A Big Payday


A successful ransomware attack can net more for bad actors than just data to sell on the dark web. It can also net the bad guys a straight-up extortion payment. About 52% of organizations hit with a ransomware attack choose to negotiate with the extortionists or simply pay the ransom that is demanded, especially organizations involved in time-sensitive operations or critical infrastructure management. Cybercriminals know this and take advantage of it to score a fat payday. The average ransomware payment climbed 82% from $234,000 in 2020 to a record $570,000 in 2021

Paying extortionists is never a good idea, but it is the route that many companies take to escape a ransomware attack. Unfortunately, paying the bad guys doesn’t always produce the desired results. Less than $234,000 in 2020 to a record 60% of companies that pay the ransom when they’ve been hit by a ransomware attack are able to recover even part of their data, and 39% of companies that pay a ransom never see any of their data again. It is also illegal in many circumstances. 


The road to security success begins with 5 Steps to Ransomware Readiness! GET IT>>


Beyond The Ransom


The damage that businesses suffer from a ransomware attack doesn’t stop when a company’s systems and data get decrypted. Unitrends researchers determined that for companies that have faced ransomware head-on, data loss (22.34%) and downtime (22.13%) were the most common consequences reported. Rounding out the top five most-cited consequences were reputation damage (15.24%), lost profits (13.57%) and compliance failures (9.39%). All three of these elements keep the expense of a ransomware incident snowballing, creating major danger for the long-term viability of the victimized businesses. 

Consequences of a Ransomware Attack

Downtime22%
Lost data22%
Data recovered (paid ransom)15%
Lost profits14%
Data lost (paid ransom)9%
Reputation damage7%
Compliance failure  6%
Other 5%

Source: Unitrends MSP


Learn the secret to ransomware defense in Cracking the RANSOMWARE Code. GET BOOK>>


 Your Business Needs Automated Phishing Protection From Graphus 


No organization can take chances when it comes to cybersecurity, especially phishing defense. About 60% of businesses that experience a cyberattack like ransomware go out of business within six months. Your employees’ inboxes are besieged daily with phishing messages that could be carrying ransomware. DMARC and security awareness training don’t stop that from happening. That means that your business is just a click away from disaster. 

However, Graphus can save the day. Our patented, AI-based TrustGraph technology puts a powerful shield between phishing and your business to stop phishing immediately. Automated email security solutions like Graphus spot and stop 40% more phishing messages than old-fashioned conventional security or a Secure Email Gateway (SEG). Machine learning ensures that your protection grows with your business instead of growing obsolete, at a fraction of the cost of competing solutions. 

Using graph theory, machine learning and artificial intelligence algorithms to identify trusted relationships between your employees and the people they communicate with, Graphus virtually eliminates the threat of phishing and ransomware attacks delivered through email, automatically identifying and eliminating even sophisticated, socially engineered cyberthreats. While people are easily fooled, Graphus is not. 

Plus, Graphus is virtually plug-and-play, with no complex configurations or tinkering required. Graphus also isn’t dependent on technicians to upload safe sender lists or threat reports to get the job done. The AI never takes a day off monitoring your company’s unique communication patterns to quickly spot trouble. It takes care of phishing threats automatically without human intervention, 24/7/365. 

All of these advantages add up to an important conclusion — now is the perfect time to eliminate humans from the equation and really defend your business from ransomware and phishing with powerful, affordable and automated email security from Graphus. 

Book a personalized demo to see the ransomware defense boost that Graphus brings to your business. https://www.graphus.ai/demo-request/ 


Still relying on an old-fashioned SEG? See why Graphus is better! SEE THE COMPARISON>>


Stay safe from even the most sophisticated cyberattacks and social engineering scams

Put the powerful TrustGraph® AI of Graphus to work for your business, and in minutes you’ll get a powerful, easy-to-use, and customizable EmployeeShield® against phishing attacks.
Get a Demo of Graphus