BitSight

The Rising Face of Cybercrime: Ransomware

Noah Simon | September 21, 2016

Ransomware has been all the talk lately in the security industry- and deservedly so. These attacks have surged in the last year: hospitals, banks, and local police departments have all been infected with ransomware. Organizations have been paralyzed for days and weeks as a result of ransomware infections. In March, a MedStar Health clinic in Baltimore reportedly turned away patients and had trouble accessing electronic medical records. In a separate incident, the University of Calgary paid a $20,000 ransom earlier this year after malware encrypted the university's email servers. In addition to a financial loss for organizations that decide to pay ransoms, these attacks have the potential to cause severe operational disruptions for companies.

Thus far, criminals have cast a wide net, often distributing a malicious attachment to millions of email addresses in hopes of successfully infecting machines. These attacks have largely been opportunistic, often infecting organizations that have poor security hygiene. Many experts believe ransomware will only become more targeted, and more damaging as time goes on.security

Security Performance Over time

In our latest BitSight Insights report The Rising Face of Cyber Crime: Ransomware, BitSight researchers set out to understand the spread of ransomware and which industries see the most infections. To put ransomware into greater context, we first observed the security performance of key industries of the last year.

Screen_Shot_2016-09-20_at_10.10.26_AM.png

 

Financial Services companies continue to exhibit excellent security performance, while the Education sector continues to struggle. Although some industries improved their security performance over the last year, data breaches were widespread in all industries, as were ransomware attacks.

Popular strains of ransomware

In this report, we observed the frequency of ransomware infections by looking at five well-known strains of the malware. Three of these variants are especially worth noting. Nymaim, a trojan that can be used to install a variety of malware, is typically associated with ransomware. Infections of Nymaim were high across all industries, with more than 11% of Education exhibiting infections. Locky, a strain of Ransomware discovered earlier this year, has already penetrated many Education, Government, and Retail organizations. Lastly, Matsnu, another type of Trojan malware that can remotely download and execute files, was relatively common across all industries.

ransomware-breakdown_small.png

what does it mean for businesses?

While ransomware is just one of many cyber threats affecting companies around the world, it is important that organizations take steps to mitigate the risk of being infected. Download our report to learn which steps are vital to reducing this threat.

security-managers-guide-to-VRM

Suggested Posts

Meet Our Customer Success Team: Ashley Ritrovato

Check out this Q&A with a US-based member of BitSight's Customer Success team to learn about her role as an BitSight Advisor & Customer Success Manager, her experience, and more.

READ MORE »

Meet Our Customer Success Team: Alessandra Pilloni

Check out this Q&A with a London-based member of BitSight's Customer Success team to learn about her role as an Customer Success Manager, her experience, and more.

READ MORE »

Meet Our Customer Success Team: Hayley Combs

Check out this Q&A with a Lisbon-based member of BitSight's Customer Success team to learn about her role as an EMEA Customer Success Manager, her experience, and more.

READ MORE »

Subscribe to get security news and updates in your inbox.