Ransom, in any form, signals serious crime. A high price is placed on the safety of that which has been stolen. And while most of us associate ransom with hostages and kidnappings, cybercrime has added a serious twist to that which we hold dear. Consider this very sobering thought: In 2021 the average global ransom paid for an individual who was kidnapped was $29,343.1 That same year, the average loss suffered from a ransomware attack was $131,960 – four and a half times what was paid for a person kidnapped.2
In 2021, tactics and techniques used by ransomware hackers evolved more rapidly than ever before. According to the FBI, from January to July 31, 2021, there was a 62% increase in ransomware incidents and a 20 percent increase in reported losses compared to the same time frame in 2020.3 One particularly frightening trend that arose was the attacks on U.S. Healthcare, First Responder networks, and critical infrastructure sectors. Attacks targeting US Healthcare and First Responder networks included law enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities.2 To make matters worse, fourteen of the sixteen critical infrastructures experienced ransomware attacks. Those hit hardest included:
1. Healthcare and Public Health
2. Financial Services
3. Information Technology
4. Critical Manufacturing
5. Government Facilities
6. Commercial Facilities
7. Food and Agriculture
Phishing: A Root Cause
While new ransomware records were set in 2021, those numbers are positioned to be bested in 2022. During the first quarter of 2022, researchers detected twice as many potential ransomware attacks than all those seen in 2021.4
Even though there are a few possible entry points for a ransomware attack, more often than not it begins with phishing. In fact, in a recent survey of Managed Service Providers (MSPs) phishing emails accounted for 54% of ransomware infections.5 The Verizon Data Breach Investigations Report (DBIR) paints an even gloomier picture, finding that human error was responsible for 82% of breaches, 25% of which involved social engineering.6 The DBIR also found that ransomware was present in almost 70% of malware breaches.
Doing Your Part
Protecting your company from a ransomware attack is not something you can do alone. You need the help of a third party. INKY is the behavioral email security platform that blocks phishing threats – including malware and ransomware – before they have the opportunity to fool your employees into making that one fatal click that can bring your business to a halt. INKY also coaches users to make smart decisions, which is critical, given the role human error plays in phishing attacks. Acting like a cybersecurity coach, INKY signals suspicious behaviors with interactive banners that guide users to take safe action on any device or email client.
If you’d like to learn more about the phishing threats facing your company and how best to protect it, a great first step is to schedule a demonstration. Request an INKY demonstration today.
INKY is an award-winning, behavioral email security platform that blocks phishing threats, prevents data leaks, and coaches users to make smart decisions. Like a cybersecurity coach, INKY signals suspicious behaviors with interactive email banners that guide users to take safe action on any device or email client. IT teams don’t face the burden of filtering every email themselves or maintaining multiple systems. Through powerful technology and intuitive user engagement, INKY keeps phishers out for good. Learn why so many companies trust the security of their email to INKY. Request an online demonstration today.