Story image

Ransomware: New report reveals most vulnerable industry

04 Oct 16

A new report has revealed which industries are most likely to experience ransomware attacks, with education leading the pack as the most impacted group.

The Rising Face of Cyber Crime: Ransomware report from BitSight analysed security ratings of nearly 20,000 companies to identify common forms of ransomware across industries including finance, healthcare, education, energy/utilities, retail, and government.

“Ransomware is a legitimate threat, with estimates from the U.S. Justice Department showing that over 4,000 of these attacks have occurred every day since the beginning of 2016,” says Stephen Boyer, co-founder and CTO of BitSight.

“While several ransomware attacks on healthcare companies have made headlines this year, the issue is more widespread.”

The analysis shows that the education sector is actually the most impacted group, followed by government.

“Establishing email security protocols, monitoring key third-party vendors, tracking security ratings and avoiding file sharing are all ways to mitigate risks associated with ransomware,” explains Boyer.

The report found that ransomware is gaining traction.

“The rate of ransomware has significantly increased for every industry examined over the last 12 months,” says Boyer.

“Cyber criminals seem to be finding a lucrative business through ransomware attacks.”

Education has the highest rate of ransomware of all industries examined in the report.

“In fact, these institutions have over three times the rate of ransomware found in healthcare and more than ten times the rate found in finance,” Boyer explains.

Of the six industries examined, government had the second-lowest security rating and the second-highest rate of ransomware.

“In fact, ransomware in this sector more than tripled over the last 12 months,” adds Boyer.

According to Boyer, ransomware continues to rapidly evolve.

“Over one in ten organisations in education has been impacted by Nymaim, while 34 different government groups have been hit with Locky, which was discovered only eight months ago,” he says.

Although ransomware is not typically associated with the finance industry, researchers discovered that more than 115 different financial services organisations have some form of ransomware on their corporate networks.

ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Kiwis concerned about being scammed – survey
This unease is warranted given the growing sophistication of scammers and their activities, and numbers of attempted fraud.
It's time to rethink your back-up and recovery strategy
"It is becoming apparent that legacy approaches to backup and recovery may no longer be sufficient for most organisations."
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Interview: Aruba’s NZ country manager talks channel strategy
“What we're taking to market is that message around simplification and having everything in one place.”
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.