September 22, 2016 By Larry Loeb 2 min read

The Department of Justice estimated that 4,000 ransomware attacks will occur every day this year, a 300 percent jump compared to 2015, according to Forbes. But the overall number of attacks does not tell the whole story. Even though certain installations, like health care facilities, have suffered high-profile infections, the story of how ransomware is affecting enterprises may be lost in the sheer volume of attacks.

A recent BitSight report titled “The Rising Face of Cybercrime: Ransomware,” cited data from across six industry sectors and 18,996 companies. It examined the prevalence of ransomware in the education, energy and utilities, finance, government, health care and retail industries.

BitSight Report: The Raw Numbers

BitSight found that the cybersecurity postures of five of the six industries surveyed had improved since last year, with the education sector being the lone exception.

In fact, the report found that 273 of 2,100 educational institutions surveyed (13 percent) had been infected with ransomware. In contrast, only 115 of the 7,639 financial companies surveyed (1.5 percent) experienced ransomware attacks in the past year.

Aside from the health care and the energy and utilities industries, industry security ratings seem to correspond with the percentage of its institutions that suffered ransomware attacks in the past year. This suggested a direct correlation between security and the prevalence of ransomware.

Additionally, the volume of infections increased across the board, illustrating the growing threat of ransomware to all industries. While the government and educations sectors experienced the sharpest increase of ransomware incidents, no industry is safe from this type of attack.

Locky Wreaks Havoc on Retail

BitSight looked at the prevalence of several common types of ransomware across industries and found that Locky made a particularly significant impact. The BitSight report found that industries targeted by Locky saw the steepest increase in ransomware attacks.

According to Forbes, this may explain the retail industry’s high ransomware ranking. The sector experienced the greatest increase in ransomware attacks of all the industries included in the report except for education and government. BitSight concluded that this increase may be due to the disproportionate degree to which Locky targeted the retail industry.

The report illustrated the seriousness of the threat of ransomware to enterprises. The rise of this type of malware continues, and no enterprise is safe.

More from

New memo reveals Biden’s cybersecurity priorities through fiscal year 2026

2 min read - On July 10, 2024, the White House released a new memo regarding the Biden administration’s cybersecurity investment priorities, initially proposed in July 2022. This new memorandum now marks the third time the Office of the National Cyber Director (ONCD), headed by Harry Coker, has released updated priorities and outlined procedures regarding the five core pillars of the National Cybersecurity Strategy Implementation Plan (NCSIP), now relevant through fiscal year 2026. Key highlights from the FY26 memorandum In the latest annual version…

How prepared are you for your first Gen AI disruption?

5 min read - Generative artificial intelligence (Gen AI) and its use by businesses to enhance operations and profits are the focus of innovation in virtually every sector and industry. Gartner predicts that global spending on AI software will surge from $124 billion in 2022 to $297 billion by 2027. Businesses are upskilling their teams and hiring costly experts to implement new use cases, new ways to leverage data and new ways to use open-source tooling and resources. What they have failed to look…

Cybersecurity crisis communication: What to do

4 min read - Cybersecurity experts tell organizations that the question is not if they will become the target of a cyberattack but when. Often, the focus of response preparedness is on the technical aspects — how to stop the breach from continuing, recovering data and getting the business back online. While these tasks are critical, many organizations overlook a key part of response preparedness: crisis communication. Because a brand’s reputation often takes a significant hit, a cyberattack can significantly affect the company’s future…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today