Ransomware attacks are soaring. By the end of this year, the global costs incurred by ransomware will be more than $20 billion annually – 57 times what they were in 2015 . For individual organizations feeling the sharp end of this exponential rise, just covering ransom payments alone can now mean handing over six to seven-figure sums to criminals.
At Morphisec, we have analyzed average payments from ransomware victims through open console data. In doing so, we have found direct evidence of ransomware’s unstoppable rise. Across industries, ransomware operators are extracting payments that are up to 10 percent of an organization’s annual revenue.
This situation paints a pretty bleak picture for cybersecurity professionals and business leaders everywhere. Faced with a threat that shows no signs of stopping, it is natural to respond by taking a fatalistic attitude towards ransomware. After all, if ransomware attacks are so ubiquitous, surely it’s better to treat them as an inevitable cost of business? Unfortunately, because paying a ransom provides little to no guarantee that access to data will be returned, giving into cybercriminals’ demands is not a sustainable strategy.
In this blog post, which recaps some of the points I covered in a