May 3, 2017
Now that we’re firmly in the second quarter of the year, it’s clear that ransomware attackers have intensified their assault on organizations. New customers have been telling us about their own past attacks, the ransoms they’ve paid and the data they’ve lost, and asking how they can deal with the next ransomware disaster in a smarter and more cost-effective way. We’ve noticed that many of them are in financial services and healthcare, which seem to be favored targets for attack.
So we were interested to read some findings from Beazley Breach Response, an insurer that helps clients handle data breaches. They shared their observations on the rise of ransomware; specifically, they saw incidents double between 2014 and 2015 – and then quadruple in 2016.
Based on their data this year, Beazley projects these attacks will double again in 2017.
If those numbers terrify you, you’re not alone, especially in financial services, where a variety of users – brokers, customers, loan officers, bank tellers and more – depend on a ceaseless flow of transactions. But there are measures every team can take that can eliminate the need to pay the ransom.
Let’s look at why ransomware has become so effective. One reason, according to Beazley, is that “Evolving ransomware variants enable hackers to methodically investigate a company’s system, selectively lock the most critical files, and demand higher ransoms to get the more valuable files unencrypted.” As with any successful market, more people have gotten in on the act: “The proliferation of hackers has made formerly minor mistakes much more dangerous.”
Here are the specific types of financial institution data breaches they saw in 2016:
Those were the top two types. Inside malfeasance accounted for 7% and payment card fraud for 4%, with physical loss and portable devices tied at 6%. Another 9% fell into the other/unknown category.
With 40% of incidents coming from targeted attacks, it’s clear organizations need to strengthen their security posture to fortify against future ransomware attacks. The tactics below will serve your organization in different ways, from protecting your perimeter to making your team more efficient to recovering faster from an attack.
It’s clear that ransomware incidents will continue to escalate, especially for financial services and other fields where accessible data is critical. Only fortifying measures are effective at dealing with an attack if and when one comes. Beazley also offered up some statistics on the attacks in the healthcare field; we’ll take a look at those next week.