“Human Factor” to Blame for Increase in Ransomware Attacks

By Art Gross, President and CEO, HIPAA Secure Now!
Twitter: @HIPAASecureNow

Cybersecurity company Malwarebytes recently released findings from their Second Annual State of Ransomware Report, which provides us with some important insight on today’s state of digital security. An article on CNET highlights findings from the report.

According to the report, one-third of SMBs (small-to-medium-sized businesses) were hit by ransomware in the last year. For the 32% of companies who were infected by at least one malware attack in 2016, one fifth had to immediately shut down operations.

CNET also goes into detail about how Australian, British and U.S. businesses responded after facing a ransomware attack.

  • Are you aware of how a ransomware attack occurred on your organization?
    • 31% of Australian businesses said no
    • 9% of U.S. businesses said no
  • Did you pay the ransom following the attack?
    • 46% of Australian businesses paid the ransom
    • 43% of British businesses paid the ransom
    • 21% of U.S. businesses paid the ransom
  • After paying the ransom, were your files returned to you?
    • 40% of Australian businesses still lost their files
    • 46% of British businesses still lost their files
    • 32% of U.S. businesses still lost their file

According to Brett Callaughan, Senior Systems Engineer for Malwarebytes, ransomware really isn’t a result of poor security software, but rather a result of poor human behavior. Callaughan warns that cybercriminals are now targeting “more of the human factor” when it comes to how they will carry out their attacks.

They’ll just go after the user and they’ll spray and pray. If you hit 100,000 email accounts and 10,000 hit the button and you’re charging $200 a piece? That’s a significant amount of income right there from doing very little.”

If you are unsure about an email, whether it be the sender or content, do not click on the email.

This article was originally published on HIPAA Secure Now! and is republished here with permission. HIPAA Secure Now offers annual online subscriptions to help covered entities and business associates keep up with compliance. Learn more here.