Digital extortion by means of ransomware or a systems breach was one of the most prominent threats to consumers and businesses in 2016. It seems IBM Security’s prediction materialized quite excessively this past year.

Ransomware is a generic name for a family of computer bugs programmed to lock up endpoints, such as PCs, servers or mobile devices, in various ways. Ransomware encrypts data on the endpoint or revokes access to the endpoint itself, then asks the victim to pay a ransom to regain control of the endpoint. A ransomware attack can affect an individual or organization anywhere in the world.

Ransomware on the Rise

In just the first three months of 2016, U.S. companies shelled out more than $209 million in ransomware payments. That’s a dramatic 771 percent increase from the nearly $24 million companies reportedly spent in all of 2015. Cybercriminals are spreading these threats to a growing number of people and organizations.

According to IBM X-Force, the volume of spam quadrupled in the last 23 months. Even more worrying is the marked increase in ransomware attached to spam, the rate of which is up 6,000 percent. While the average ransomware attachment rate was 0.6 percent in 2015, it has boomed to nearly 40 percent in 2016.

It is no surprise that the FBI and international law enforcement have been issuing alerts about this threat. The FBI estimated that ransomware is on pace to become a $1 billion source of income for cybercriminals by the end of 2016, a number that is expected to continue to rise in 2017. In that regard, Europol recently warned that ransomware is one of the biggest online threats affecting consumers and businesses this year, and it is unlikely to slow down in the foreseeable future.

Critical Data in the Cross Hairs of Ransomware Attacks

What would you do if cybercriminals managed to infect your computer with malware and encrypt all your files? Would you be concerned about saved work? Would you lament the loss of irreplaceable pictures and videos? Would you pay to get them back? If so, how much are you willing to spend? The average fee demanded by ransomware is over $500, but it may cost up to five times that amount.

What if a cybercrime gang breached a company server to steal all your organization’s intellectual property? What if all the computers in the hospital you manage were encrypted and held hostage? Would you pay? Attackers are counting on you to do just that.

To provide a clearer view into the unrelenting losses to ransomware, IBM fielded a U.S.-based consumer and business research study to determine the value employees and business executives place on data, and gauge their awareness and knowledge about ransomware. The results are alarming: The survey showed an overall lack of awareness and preparedness in the face of the rising risk of ransomware.

The Consumer Take

Consumers interviewed about ransomware provided some startling results. The targets of this highly prolific threat are all too often completely unaware of its existence. According to the IBM survey, only 1 in 3 consumers had ever heard of ransomware. Moreover, most were unlikely to take protective measures to avoid ransomware.

When asked about the importance of data, the scenario became more realistic to the respondents. For example, 55 percent of parents would pay to recover precious memories, versus only 39 percent of nonparents. In terms of other files, most respondents balked at the idea of paying a cybercriminal for their data. Many indicated that if were to consider caving in to fraudsters’ demands, they would not pay more than $100 to recover important data. In reality, however, consumers often end up paying a lot more than they would imagine, since ransomware demands average at least five times that amount.

The Enterprise Take

On the enterprise side, the IBM survey found that most employees are unaware of what ransomware is or how it can affect their company. The survey results showed that both awareness and the perceived willingness to pay to recover data depended on business size and previous experience with similar attacks.

Download the latest ransomware report from IBM X-Force

Seventy percent of businesses previously hit by ransomware indicated that they had paid the ransom to recover company data. Of that portion, 50 percent paid over $10,000 and 20 percent paid over $40,000. Furthermore, 60 percent of business executives surveyed believed they would pay to recover data in the future. Depending on the type of data lost, they indicated they would be willing to pay between $20,000 and $50,000 to regain access.

To Pay or Not to Pay?

With ransomware, the question is still to pay or not to pay? The FBI and other law enforcement agencies have advised victims to avoid paying a ransom. Paying only encourages cybercriminals to continue spreading their malware and raking in cash.

For more statistics and pointed advice to help you minimize the window of opportunity for a ransomware attack, download the full report, “Ransomware: How Consumers and Businesses Value Their Data.”


More from CISO

Bridging the 3.4 Million Workforce Gap in Cybersecurity

As new cybersecurity threats continue to loom, the industry is running short of workers to face them. The 2022 (ISC)2 Cybersecurity Workforce Study identified a 3.4 million worldwide cybersecurity worker gap; the total existing workforce is estimated at 4.7 million. Yet despite adding workers this past year, that gap continued to widen.Nearly 12,000 participants in that study felt that additional staff would have a hugely positive impact on their ability to perform their duties. More hires would boost proper risk…

CEO, CIO or CFO: Who Should Your CISO Report To?

As we move deeper into a digitally dependent future, the growing concern of data breaches and other cyber threats has led to the rise of the Chief Information Security Officer (CISO). This position is essential in almost every company that relies on digital information. They are responsible for developing and implementing strategies to harden the organization's defenses against cyberattacks. However, while many organizations don't question the value of a CISO, there should be more debate over who this important role…

Everyone Wants to Build a Cyber Range: Should You?

In the last few years, IBM X-Force has seen an unprecedented increase in requests to build cyber ranges. By cyber ranges, we mean facilities or online spaces that enable team training and exercises of cyberattack responses. Companies understand the need to drill their plans based on real-world conditions and using real tools, attacks and procedures. What’s driving this increased demand? The increase in remote and hybrid work models emerging from the COVID-19 pandemic has elevated the priority to collaborate and…

Why Quantum Computing Capabilities Are Creating Security Vulnerabilities Today

Quantum computing capabilities are already impacting your organization. While data encryption and operational disruption have long troubled Chief Information Security Officers (CISOs), the threat posed by emerging quantum computing capabilities is far more profound and immediate. Indeed, quantum computing poses an existential risk to the classical encryption protocols that enable virtually all digital transactions. Over the next several years, widespread data encryption mechanisms, such as public-key cryptography (PKC), could become vulnerable. Any classically encrypted communication could be wiretapped and is…