Ransomware is a type of malicious software that restricts access to an infected machine, usually by encrypting files on the hard drive, and then demands payment of a ransom – often in a crypto-currency – in exchange for the key to decrypt the data.
According to the latest quarterly Insights report published by the Beazley Breach Response (BBR) Services team, recorded ransom demands increased to as much as $2.8 million in cases where criminals either targeted a particular organization or upon obtaining access discovered that they had more leverage and therefore increased the ransom demand. Hackers have also been adding pressure on victims to pay the ransom by conducting reconnaissance on their network and compromising back-ups before deploying the encrypting malware.
While ransom demands have grown to seven figures in extreme cases, these remain rare and the median demand stands at $10,000 in 2018. This is significantly higher than the average of $1000 reported in our October 2016 Breach Insights.
In the first three quarters of 2018, 71% of ransomware incidents handled by BBR Services were for small and medium-sized businesses.
Katherine Keefe, head of BBR Services at Beazley, said: “The complexity of different forms of ransomware and its capacity to stop business in its tracks frustrates organizations’ abilities to tackle these issues. Unfortunately it is often smaller businesses that are most vulnerable to attack by cyber criminals as they frequently lack the resources and protocols of larger firms. However, businesses of all sizes need to ensure their IT employees are aware of the risks through up-to-date training and implementation of cyber security measures.”
For more information on the latest breach trends and detailed industry-level data on the how cyber threats are evolving read the latest Beazley Breach Insights report.
Advice on how to prevent and respond to ransomware attacks can be found here.