State Of Ransomware: More Than Half Of UK Firms Are Victims

Malwarebytes has published in-depth research into the enterprise ransomware problem, and the findings make for shocking reading.

The survey examined how 500 CIOs, CISOs and other senior IT staff at firms with 5,400 staff in the US, Canada, UK and Germany are coping with the ransomware problem.

And the answer is not well.

Shocking Findings

Among Malwarebytes’ shock findings in its “State of Ransomware” report is that nearly 40 percent of enterprises around the world have been hit by ransomware in the last year.

But to make matters worse, 34 percent of those firms have lost revenue, and, even more worryingly, 20 percent had to stop business completely.

And depressingly the research found that more than 40 percent of enterprises had paid the ransom, showing the clear lack of effective backup strategies at many businesses. And more than 60 percent of attacks took more than nine hours to resolve.

That said, there has been a spate of ransomware attacks on hospitals of late, and 3.5 percent of respondents admitted that lives were at stake because of ransomware’s debilitating effects for healthcare. Other sectors to see frequent attacks were financial organisations.

Attackers it seems are demanding on average over $1,000 (£767) according to 60 percent of firms. But 20 percent of firms said that the attackers had demanded more than $10,000 (£7,677). One percent of firms had experienced demands for over $150,000 (£115,146).

“Over the last four years, ransomware has evolved into one of the biggest cyber security threats in the wild, with instances of ransomware in exploit kits increasing 259 percent in the last five months alone. The impact on businesses around the world has been significant,” said Nathan Scott, Technical Project Manager at Malwarebytes. “Until now, very few studies have examined the current prevalence and ramifications of actual ransomware incidents in the enterprise.”

UK Target

The research also painted a bleak picture for the UK. ESET, for example, has previously warned that the UK was being heavily targeted by ransomware.

But Malwarebytes found that the UK suffered the highest percentage of ransomware attacks out of all those asked. 54 percent of senior IT staff in the UK admitted to ransomware attacks despite seemingly being confident in their ability to stop it (87.2 percent). It seems that CIOs, CISOs and IT Directors are also the keenest to pay the ransom; and the UK loses the most money to ransomware. Indeed, 60 percent said the attack cost the company financially, nearly 10x more than US counterparts.

Despite this, training remains worryingly non-existent, with UK IT managers the least likely to put any kind of ransomware training in place.

As part of the publication of this research, Malwarebytes has made new anti-ransomware additions to Malwarebytes Endpoint Security (MBES), to help firms protect themselves from the ransomware threat.

“The results from this survey further emphasize that any business in any region is incredibly vulnerable to ransomware,” said Marcin Kleczynski, CEO of Malwarebytes. “Cybercriminals are increasing their use of ransomware in their attack strategies globally, causing business disruption, loss of files and wasted IT man-hours. In order to stay safe, businesses must invest heavily in both employee education and technology.”

Meanwhile researchers at the University of Florida claimed recently to have developed technology that can stop ransomware attacks before they cause too much damage.

Earlier this year the gang behind the TeslaCrypt ransomware shut down their criminal operation and apologised. The gang also handed over the universal master decryption key to the malware to security researchers ESET.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Comments

  • Why isn't Malwarebytes $1 a year per device? If you had 5 PCs in your home that's $5 a year.

    I ask this because if you look at just Windows 10 users alone -- that would be $350,000,000 a year if each PC subscribed. That's not enough money for this corporation?

    Really?
