Ransomware and phishing attacks conquered the US newspaper headlines last year. More than 70 state and local governments across the US and more than half of the organizations suffered from ransomware attacks. According to the bureau’s Internet Core Competency Certification (IC3), 2019 Internet Crime Report, businesses and individuals lost a sum of $3.5 billion to cybercriminals, reporting more cases than any other year to the FBI.
The global statistics show it’s getting more dangerous for organizations.
In 2020 a research was held by analyzing 9 million suspicious emails and 50 million simulated phishing attacks (of 2019), as well as a survey of 600 IT security leaders and 3500 employees. They found that 90% of global organizations were targeted by business email compromise and phishing attacks (State of the Phish report by Proofpoint). The report highlights user phishing awareness, vulnerability and resilience trends among organizations.
Traditional Ways, But New Strategy
If attempts of cyberattacks through phishing emails have decreased to an organization, it just does not mean that they are lowering the attacks. The new strategy of attackers was more focused on quality than quantity. From the research, 60% of organizations faced the same or fewer number of attacks in 2019 than in 2018. But the successful attempts of attacks were increasing alarmingly.
Ransomware Showing Its Power
Last year Grandcrab– known as the king of ransomware hardly affected many organizations. The studies prove that organizations once compromised with malware attacks have a high chance to be attacked by ransomware, meaning once organizations face an attack, even after its fixing they want to be more alert as more harmful things may be waiting.
Ransomware can immobilize the critical infrastructure of organizations. Cybercriminals make use of this emergency created by successful ransomware infection. And the end of every data breach is the loss of money, reputation, and direct business impacts due to loss of
intellectual property.
Paying May Not Return It!
Cyber attacks are meant for money. But the recent studies prove that paying their demands will not be a good option. The survey conducted by Proofpoint reveals that 33% of organizations affected by ransomware paid to criminals to regain their compromised data (study conducted among 600 IT security professionals) and 32% didn’t.
Among the paid companies, 69% got back access to their data. But it’s frightening that 22% never regained access to their data even after paying the demanded ransom! 7% were bargained with more demands from these cyber thefts and ended up walking away empty-handed. 2% were forced to give more money.
Many ransomware victims, even those with proper data backup systems, are willing to pay off their attackers, to avoid the disruption, work, and cost involved in restoring data on their own. But the FBI, tech leaders strongly recommended not to pay the ransom for so many reasons and encourage them to take enough precautions, for not to be a victim of a cyber attack.
Solution?
The best solution for a problem is not to jump into a problem!
Organizations may think that their strong cybersecurity measures will protect them, but strong cybersecurity along with right phishing awareness training among employees together can only stop the cyber attacks.
A recent study shows that phishing is a key vulnerability in the Data breaches, caused by employees falling to, or cannot recognize malicious email campaigns. It was not happening accidentally. In a study conducted by JAMA, among health care organizations, just 60% of organizations provide proper cybersecurity education to their employers. The lack of appropriate training opens up your companies’ servers to criminals through their phishing emails. Remember, healthcare was cyber thefts’ favorite area last year.
So be aware and give proper awareness to your employees about new trends and tricks on cyberattacks, and have the protection of an expert cybersecurity company which can make your server unbreakable for cybercriminals.
To know more about cyber threats and proper cybersecurity measures, be in touch with us, Cybernetic Global Intelligence (CGI), an Aussie cybersecurity company, You may either call at 1300 292 376 or drop a mail to Contact@cybernetic-gi.com for help at, anytime.