Ransomware Report: Top Security Threat Expected to Continue Rising in 2017

December 14, 2016
co-authored by Caleb Barlow

Digital extortion by means of ransomware or a systems breach was one of the most prominent threats to consumers and businesses in 2016. It seems IBM Security’s prediction materialized, and then some, this past year.

Ransomware is a generic name for a family of malicious programs designed to lock up endpoints, such as PCs, servers or mobile devices, in various ways. Ransomware encrypts data on the endpoint or revokes access to the endpoint itself, then asks the victim to pay a ransom to regain control of the endpoint. A ransomware attack can affect an individual or organization anywhere in the world.

Ransomware on the Rise

In just the first three months of 2016, U.S. companies shelled out more than $209 million in ransomware payments. That’s a dramatic 771 percent increase from the nearly $24 million companies reportedly spent in all of 2015. Cybercriminals are spreading these threats to a growing number of people and organizations.

According to IBM X-Force, the volume of spam quadrupled in the last 23 months. Even more worrying is the marked increase in ransomware attached to spam, the rate of which is up 6,000 percent. While the average ransomware attachment rate was 0.6 percent in 2015, it has boomed to nearly 40 percent in 2016.

It is no surprise that the FBI and international law enforcement have been issuing alerts about this threat. The FBI estimated that ransomware is on pace to become a $1 billion source of income for cybercriminals by the end of 2016, a number that is expected to continue to rise in 2017. In that regard, Europol recently warned that ransomware is one of the biggest online threats affecting consumers and businesses this year, and it is unlikely to slow down in the foreseeable future.

Critical Data in the Cross Hairs of Ransomware Attacks

What would you do if cybercriminals managed to infect your computer with malware and encrypt all your files? Would you be concerned about saved work? Would you lament the loss of irreplaceable pictures and videos? Would you pay to get them back? If so, how much are you willing to spend? The average fee demanded by ransomware is over $500, but it may cost up to five times that amount.

What if a cybercrime gang breached a company server to steal all your organization’s intellectual property? What if all the computers in the hospital you manage were encrypted and held hostage? Would you pay? Attackers are counting on you to do just that.

To provide a clearer view into the unrelenting losses to ransomware, IBM fielded a U.S.-based consumer and business research study to determine the value employees and business executives place on data, and gauge their awareness and knowledge about ransomware. The results are alarming: The survey showed an overall lack of awareness and preparedness in the face of the rising risk of ransomware.

The Consumer Take

Consumers interviewed about ransomware provided some startling results. The targets of this highly prolific threat are all too often completely unaware of its existence. According to the IBM survey, only 1 in 3 consumers had ever heard of ransomware. Moreover, most were unlikely to take protective measures to avoid ransomware.

When asked about the importance of data, the scenario became more realistic to the respondents. For example, 55 percent of parents would pay to recover precious memories, versus only 39 percent of nonparents. In terms of other files, most respondents balked at the idea of paying a cybercriminal for their data. Many indicated that if they were to consider caving in to fraudsters’ demands, they would not pay more than $100 to recover important data. In reality, however, consumers often end up paying a lot more than they would imagine, since ransomware demands average at least five times that amount.

The Enterprise Take

On the enterprise side, the IBM survey found that most employees are unaware of what ransomware is or how it can affect their company. The survey results showed that both awareness and the perceived willingness to pay to recover data depended on business size and previous experience with similar attacks.

Seventy percent of businesses previously hit by ransomware indicated that they had paid the ransom to recover company data. Of that portion, 50 percent paid over $10,000 and 20 percent paid over $40,000. Furthermore, 60 percent of business executives surveyed believed they would pay to recover data in the future. Depending on the type of data lost, they indicated they would be willing to pay between $20,000 and $50,000 to regain access.

To Pay or Not to Pay?

With ransomware, the question is still: to pay or not to pay? The FBI and other law enforcement agencies have advised victims to avoid paying a ransom. Paying only encourages cybercriminals to continue spreading their malware and raking in cash.

For more statistics and pointed advice to help you minimize the window of opportunity for a ransomware attack, download the full report, “Ransomware: How Consumers and Businesses Value Their Data.”


Limor Kessem
Executive Security Advisor, IBM

Limor Kessem is an Executive Security Advisor at IBM Security. She is a widely sought-after security expert, speaker and author and a strong advocate for wom...