As ransomware attacks grow in
sophistication, both employees and
employers are paying ransoms in
record numbers

As ransomware attacks grow in sophistication, both employees and employers are paying ransoms in record numbers

Critical security behavioral
habits of more than 1,000 office workers related to ransomware.

Part 2 of Intermedia's 2017 Data Vulnerability Report examines the critical security behavioral habits of more than 1,000 office workers related to ransomware.

Our findings revealed that while companies do provide regular cyber security training, office workers continue to be lax on adhering to security best practices which can cause significant financial ramifications to organizations of all sizes.

Despite headlines around WannaCry, Petya, and other ransomware outbreaks, as well as efforts around employee education, confusion in the workplace remains regarding what ransomware is and how it gets delivered. Subsequently, both employers and employees are paying ransoms at record rates...when they don't need to.

Ransomware attacks continue to grow exponentially

The threat of ransomware, when hackers infect devices with a virus and hold data hostage until a sum of money has been paid, is only getting worse.

Ransomware attacks continue to grow exponentially
GLOBAL RANSOMWARE DAMAGE
                COSTS ARE PREDICTED TO EXCEED $5 BILLION IN 2017

ACCORDING TO THE FBI, GLOBAL RANSOMWARE DAMAGE COSTS ARE PREDICTED TO EXCEED $5 BILLION IN 2017, WHICH IS UP FROM $325 MILLION IN 2015, AS REPORTED BY THE CYBER THREAT ALLIANCE


RANSOMWARE/ CYBERATTACKS (29%) WERE
                    THE BIGGEST THREAT TO DATA LOSS WITHIN
                    ORGANIZATION

SECOND ONLY TO HARDWARE FAILURE (30%), OFFICE WORKERS SAID RANSOMWARE/ CYBERATTACKS (29%) WERE THE BIGGEST THREAT TO DATA LOSS WITHIN THEIR ORGANIZATION


Intermedia's Security VP on the true business cost of ransomware

Even with the increased publicity and impact of global ransomware attacks, awareness still lags:

Even with the increased publicity and impact of global ransomware attacks,
                        awareness still lags
89%

of IT professionals were at least moderately confident that employees in their company would be able to identify an attempted ransomware attack


31%

of office workers admit they aren't familiar with ransomware


MEN REPORT GREATER LEVELS OF AWARENESS THAN WOMEN

78% and 60%

of male office workers say they know what ransomware is

of female office workers say they know what ransomware is


It’s not for lack of effort though…

It’s not for lack of effort though…
70%

of office workers said their organization regularly communicates about cyber threats


THIS INCLUDES COMMUNICATING WITH EMPLOYEES ABOUT LARGE-SCALE GLOBAL RANSOMWARE ATTACKS…

30%
locker

said their organization specifically highlighted the WannaCry ransomware attack as an example


>Jonathan Levine

Jonathan Levine,CTO, Intermedia

 

As ransomware continues to evolve and become more advanced, organizations of all sizes and types must acknowledge it as a very real threat. This is especially true for SMBs that may not have the resources, tools, or training that larger organizations use to recognize, prevent and protect themselves from such attacks. Ransomware can infiltrate and shutdown an entire business through one infected computer. More often than not, SMBs feel they are forced to pay a ransom they can’t, but must, afford. And hackers realize this.

The hidden costs of ransomware

While the majority of companies communicate about the threat ransomware presents, employees aren’t always told what to do if they are a victim. In fact, data shows that office workers take actions that could dramatically undermine security efforts.

The hidden costs of ransomware

EMPLOYEES SHOULDER COSTS OF RANSOMWARE PAYMENTS MORE OFTEN THAN EMPLOYERS

people

OF THE OFFICE WORKERS

have fallen victim to a ransomware attack at work. Among them:

59% and 37%

have paid a ransom personally

said their employer paid


73% and 69%

OF IMPACTED MILLENNIAL WORKERS

(often considered the most computer-savvy group of employees) report personally paying a work-related ransom

OF THOSE WHOSE ORGANIZATIONS HIGHLIGHTED WANNACRY

and have been hit by ransomware, still paid a ransom further highlighting that office workers don’t know what to do if they are hit

THERE ARE A NUMBER OF REASONS WHY
EMPLOYEES WOULD PAY THE RANSOM
THEMSELVES

Employees may see paying the ransom out of their own pockets as the quickest and easiest way to get their data back, when in actuality, 19% of the time the data isn’t released, even after the ransom is paid. Organizations need to focus education efforts not just on what ransomware is, but what steps employees should take if they are impacted.

THERE ARE A NUMBER OF REASONS WHY EMPLOYEES WOULD PAY THE RANSOM THEMSELVES

THERE ARE A NUMBER OF REASONS WHY
EMPLOYEES WOULD PAY THE RANSOM
THEMSELVES

Employees may see paying the ransom out of their own pockets as the quickest and easiest way to get their data back, when in actuality, 19% of the time the data isn’t released, even after the ransom is paid. Organizations need to focus education efforts not just on what ransomware is, but what steps employees should take if they are impacted.

How can you protect your organization?
– an Intermedia customer weighs in

>Joshua Sharfma

Joshua Sharfman,Chief Technology and Innovation Officer, California Association of REALTORS

  idea
WITH PROPER PLANNING, YOU CAN AVOID PAYING THE RANSOM

Two years ago, we were hit by a very good social engineering ransomware attack. A cyber criminal emailed the exploit to a hiring manager as an attachment labeled, 'resume.zip' referencing an open position we had. It was 6pm on a Friday, and so by the time the individual had realized what had happened Monday morning, around 100,000 files were encrypted. Because we had taken proper business continuity planning measures, we were able to do a mass rollback of the infected files. We didn't pay any ransom and suffered no data loss. We've also changed our policy to add Zip files to the list of executable files that are blocked by our email filter.

  idea
CREATING A MORE AWARE COMPANY CULTURE

Twice a month, we provide cybersecurity education. We also conduct company contests. For instance, after the Equifax breach, we held email contests to identify four potential risk areas within a dummy email. Following the hurricanes, we notified employees that after disasters, there are often exploits trying to get people to donate to seemingly legitimate causes. The sad reality is companies need to assume that they are vulnerable. It is not a matter of if, it is a matter of when. In addition to having an incident response plan ready to go, talk to employees regularly. Humans are generally the weakest link. We're all best served by helping everyone to maintain a high degree of awareness. Create a company culture where employees know to seek assistance if they are suspicious, ideally before, but also after they click.

Ransomware and the channel – an Intermedia partner weighs in

HOW INTERMEDIA'S SECURITY SUITE HELPS PARTNERS TO DIFFERENTIATE

>Koert Council

Koert Council,Partner at Kosh Solutions

 

The prevalence of high-impact cyberattacks has changed the way that organizations need to approach security. This presents MSPs with a security specialization the opportunity to help clients better prepare and safeguard against these threats, while scaling their own business. For instance, the surge in ransomware attacks is a significant driver of our new customer signups. Intermedia’s backup and file sharing solution enables us to restore clients’ access to impacted documents in just minutes following a range of scenarios, from stolen or damaged devices to ransomware attacks and other mass infections. Intermedia’s security services suite gives us a huge market differentiator.

Now what should you do?
Now what should you do?

Integrate ransomware education into your broader data breach and cybersecurity training efforts. However, it’s not enough to just identify the risk. These regular communications must explain what employees should do if they are hit. Otherwise, as our report identifies, employees could take matters into their own hands. It’s these actions that could undermine security efforts, and result in days (if not weeks) of downtime. Be sure to have a solid business continuity plan in place to keep your business up and running in the event of a ransomware outbreak, including installing a continuous backup product such as Intermedia's SecuriSync®.

Ideally, if you have proper backup in place, you won't have to worry about paying a ransom in the first place. Don’t worry if this sounds like a lot to take on yourself. Intermedia can help you develop an ongoing plan, in addition to identifying local resources that can assist with implementation process.

Check out the resources below for further information on preventing ransomware attacks, and to sign up to receive the 3rd installment of our report on risky data and filing sharing behaviors.

Sign up to receive an email alert when the next part
of the report is available

 
About Intermedia

Intermedia offers a broad and tightly integrated suite of cloud solutions, including UCaaS, business email, file backup, sync & share, collaboration, identity and access management, security, and archiving – all delivered by a single provider with one point of control. Companies want security, scalability, and someone to manage the intricacies of business IT for them, and that’s just what Intermedia delivers with enterprise-grade security, a 99.999% uptime service level agreement and J.D. Power-certified 24/7 support. For more information, visit Intermedia.net or connect with us on Twitter, Facebook or LinkedIn.

Survey Methodology

This study was commissioned by Intermedia and delivered by Precision Sample®, an independent market research organization. Precision Sample has an active proprietary panel of over 3.5M respondents that is routinely validated with a stringent screening process including Verity® and RelevantID by Imperium®. Results derived from an 11-minute online survey instrument with 45 total questions, fielded June 1-5, 2017. Setup questions were used to ensure that only U.S. knowledge workers were in the sample, which was defined as those who routinely work in an office environment. Overall margin of error of +/- 2.95% at a 95% confidence interval.

All trademarks, registered trademarks, service marks, trade names and product names appearing herein are the property of their respective owners.

Chat with an Expert
x

Hello.
Can one of our solutions specialist answer any questions for you?

Become a Partner