Today, software and applications run the world. They are at the very foundation of almost every business, nonprofit and government agency, as well as a staple in our own everyday lives. As such, they have become a ripe target for cybercriminals, and of late for ransomware attacks in particular.
Ransomware is one of the most widely discussed threats in cybersecurity. However, research regarding the experiences of organizations that have actually suffered from a ransomware attack is understandably scarce. Few wish to make headlines in this manner. Even so, a 2021 Ransomware Victims Report sponsored by Cloudian shed critical light on this growing threat. Its findings revealed: 1) ransomware attacks are hard to prevent, even when you’re prepared; 2) ransomware can penetrate quickly, significantly impacting an organization’s financials, operations, customers, employees and reputation; and 3) even if you pay the ransom, there are other related costs that can be significant (and it’s rare to get all your data back).
Based on a survey of over 200 IT professionals who had experienced a ransomware attack, the report found that although every one of the respondents had one or more traditional security measures in place, ransomware was still able to penetrate the defenses. Phishing was one of the most common points of entry, with 24% of ransomware attacks starting this way. That number rose to 41% when looking at organizations with fewer than 500 employees. Moreover, phishing succeeded despite the fact that 65% of those that reported it as the entry point had conducted anti-phishing training for their employees.
Next, the research made clear that once cybercriminals are able to insert ransomware, they can quickly take over. 56% of survey respondents reported that attackers were able to take control of their data and demand ransom within just 12 hours, and another 30% said it happened within 24 hours. In addition, on average, 44% of respondents’ total data was held hostage, with financial, operational, customer and employee data all being targeted.
Finally, the research confirmed that the financial costs go well beyond just the ransom payments. For the 55% of respondents that chose to pay ransom, the average payment was $223,000, with 14% paying $500,000 or more. In addition, those organizations that paid ransom still spent an average of $183,000 more for other costs resulting from the attack, with 37% of respondents paying at least $100,000 more. Unfortunately, even after incurring an average cost of $406,000 in total, only 57% of those that paid ransom got all their data back.
So why does this matter so much to DevPros? You need to not only develop software and applications that are as immune as possible to ransomware and other malware attacks but also move beyond traditional defenses to ensure your application data is protected.
In Part 2 I will expand on why protecting containerized workloads has become essential for DevPros and how best to go about doing so.