Email Security

    Survey Says: Ransomware is Still a Top Threat for Most Organizations

    Mimecast’s State of Email Security Report shows ransomware attacks aren’t slowing down.

    by Matthew Gardiner

    Don’t be lulled by crypto-mining (or cryptojacking) alarmists into thinking that crypto-mining is replacing ransomware as a major new security threat.

    What is Crypto-Mining?

    Crypto-mining is the unauthorized use of someone else’s computers to mine various crypto-currencies for the sole benefit of the cybercriminal.

    Essentially crypto-mining is stealing compute and network resources to do the calculations required to mine crypto-currency. To do this makes sense (if you are a criminal), as mining crypto-currencies can consume a lot of computing resources as well as electricity, that can make the cost outweigh the value of the mined coins. Mining it is much more profitable when someone else pays the cost but doesn’t reap the coin!

    Why Crypto-Mining is not the New Ransomware

    In some articles published in 2018 there was an implication that ransomware focused cybercriminals were switching their focus from ransomware to crypto-mining. While no doubt true in some cases, as most criminals are focused on making money and don’t have a preference on how they do it, my view was that the prediction of switching en masse was not likely to happen.

    The cybersecurity research data we just published as part of our annual State of Email Security Report for 2019 does not support the view that the ransomware wave is waning. If anything, just the opposite is happening. The highly publicized ransomware attack on the City of Baltimore is a representative example of this trend, but of course is just a one-off example. 

    Our cybersecurity research data show that:

    • Ransomware attacks are up 26% year-over-year, with more than half of organizations having experienced a ransomware attack that impacted their business operations in 2018.
    • The USA had the highest percentage of reported ransomware caused business impacts at 61%, with the lucky UK showing the lowest percentage impacted at 39%. Both are remarkably high percentages though.
    • The average amount of system downtime caused by ransomware stayed steady at three days, with 86% of organizations that had experienced a ransomware attack suffering at least two days of downtime. That is a lot of time to be down, although the City of Baltimore has experienced much worse than that.

    Furthermore, the 2019 Verizon Data Breach Investigation Report found that ransomware accounted for 24% of all incidents where malware was used. Among the same data set, crypto-mining only accounted for 2% of malware incidents.

    Remain Vigilant with New Cyberattacks

    The takeaway; what is tried and true in the cybercriminal world doesn’t go away until it truly becomes ineffective and unprofitable. New cyberattacks do arrive on the scene, of course, but cybercrime is not a zero-sum game. If it is profitable it will remain popular until it isn’t.

    Thus, organizations can’t shift their cybersecurity defenses away from one cyberattack because a new one appears on the scene, they must continuously expand and improve upon their cybersecurity controls to be better prepared for the next one, while defending against the currently popular ones.

    Subscribe to Cyber Resilience Insights for more articles like these

    Get all the latest news and cybersecurity industry analysis delivered right to your inbox

    Sign up successful

    Thank you for signing up to receive updates from our blog

    We will be in touch!

    Back to Top