Mass Phenomenon Ransomware: 70 Percent of Companies in Germany Affected by Blackmailer Malware
Ransomware attacks cost companies an average of 750,000 euros
Mountain View / Oberursel – 27. March 2018 – Attacks with blackmailer malware have become a costly mass phenomenon, as a survey* commissioned by endpoint protection specialist SentinelOne now reveals. 70 percent, or almost three quarters of companies in Germany, have been the victims of a ransomware attack in the past twelve months. The majority of companies were attacked six times on average by cyber blackmailers. The encryption attacks caused an average cost of around 750,000 euros per company.
The current survey is a continuation of a ransomware survey conducted in 2016 and a comparison of the results shows a significant escalation of the threat landscape. While in 2016, “only” about half of German companies (51%) said that they had fallen victim to ransomware within one year, this figure has risen by almost 20 percent in the last 15 months. However, the main focus of cyber criminals has not changed: According to the respondents, the attackers are still primarily targeting employee information (2018: 41%; 2016: 57%).
The main blame for introducing ransomware into the business lies primarily with employees according to the recent report: Around one in two respondents (48%) cite carelessness of employees. This is supported by the fact that phishing via e-mail or social media is the most frequent gateway for cyber blackmailers (76 percent). Around four in ten security managers in Germany also named antivirus solutions that could not stop the attack as the reason why their company became a victim of ransomware.
Although security experts and even the police now strongly advise against paying the ransom, a considerable number of companies is still giving in to the demands of cyber blackmailers. The report shows that almost three out of ten companies in Germany (29%) have always or several times paid the demanded ransom sums. However, many companies had to learn painfully that this is no guarantee for uncomplicated data decryption: 61 percent of the respondents stated that the data remained encrypted despite payment of the requested amount and 32 percent experienced confidential data being released after the ransom payment. In addition, almost half of those affected (45%) received further ransom claims from the extortionist after the first money transfer.
From a security point of view, however, the ransomware attacks also had positive impacts: For example, 71 percent of those affected have increased IT security spending after an attack, and 44 percent stated that they are changing their security strategies to focus on mitigation from now on. German security experts are generally positive about the future. 92 percent feel confident in their ability to combat ransomware in the future. A major reason for this optimism is probably the fact that they have replaced traditional anti-virus with advanced end point protection technology to detect threats.
“The fact that the number of ransomware attacks has continued to rise and almost three quarters of German companies have fallen victim to cyber blackmailers in the last twelve months is alarming,” comments Alexander Kehl, Regional Sales Manager CEE at SentinelOne. “IT managers must finally wake up and initiate a realignment of their security strategy if they want to avoid annoying outages, data loss and the associated costs – the report speaks at least of around 750,000 euros per company. The main focus should be on inadequate AV solutions, poor backup processes and untrained employees. The current threat landscape requires every company to break new ground when it comes to endpoint protection.”
SentinelOne commissioned independent market research specialist Vanson Bourne to undertake research about Ransomware. A total of 500 IT security decision makers were interviewed during February 2018. The sample was comprised of 200 respondents in the US and 100 each in the UK, France and Germany, with at least 1,000 employees or more from a range of private and public sectors. Interviews were conducted online using a rigorous multi-level screening process to ensure that only suitable candidates were given the opportunity to participate.
SentinelOne ist ein Pionier für autonome Sicherheit für Endpunkte, Datencenter sowie Cloud-Umgebungen und hilft seinen Kunden, ihre Assets schnell und einfach zu schützen. Dabei vereint SentinelOne Prävention, Identifikation, Abwehr, Wiederherstellung und Forensik in einer einzigen, auf künstlicher Intelligenz basierenden Plattform. Hierdurch können Unternehmen schadhaftes Verhalten durch unterschiedliche Vektoren erkennen und mittels voll-automatisierten, integrierten Abwehrmaßnahmen eliminieren – auch bei den fortschrittlichsten Cyberangriffen. SentinelOne wurde von einem Elite-Team aus Cybersicherheits- und Verteidigungsexperten gegründet und verfügt über Büros in Mountain View, Tel Aviv und Tokyo. Das Unternehmen mit Kunden in Nordamerika, Europa und Japan wird von Gartner als „Visionär“ im Bereich Endpoint-Schutz eingestuft. Distributor in Deutschland, Österreich und der Schweiz ist Exclusive Networks.
Perrine Jouan, Marketing Director EMEA & APJ