Beazley Breach Response Services have released a new report indicating that 71% of ransomware attacks target small and medium businesses (SMBs).
Ransomware is a malware variant which denies the user access to their device, or to individual files on the device, until a ransom has been paid to the scammer. Ransomware attacks are becoming increasingly common, particularly against organisations in the healthcare industry due to the high black-market value of healthcare data.
Hackers can demand very high ransoms from those they are attempting to extort; one Beazley client received a demand for $8.5 million. In this instance, the organisation didn’t pay the ransom, and this large sum is undoubtedly an anomaly. The Beazley report found that in 2018, the average ransom demand was $116,324 and the median ransom demand was $10,310.
Beazley explained that hackers are more likely to target SMBs because they typically do not have cybersecurity safeguards as robust as those of larger organisations. Although hackers usually must demand smaller sums from SMBs, as they are unlikely to be able to afford to pay large ones, the chance of success for the hacker is much higher, as the SMB often does not have any alternative but to pay the ransom.
The Beazley report discovered that two of the most common cybersecurity failures hackers use to gain access to SMB networks are the failure to change default RDP ports and the use of weak passwords. Hackers can easily crack weak passwords with brute force attacks. A high percentage of ransomware attacks in 2018 were on companies that had failed to lock down Remote Desktop Protocol.
The Beazley report discovered that individuals using ransomware-as-a-service were responsible for a significant portion of the attacks. These individuals may have few technical skills, but they do not need to develop their own ransomware; they only need to be able to deploy it to attack networks. Highly skilled hacking groups are responsible for another significant number of attacks.
The report revealed that 34% of attacks were on healthcare organisations, the highest percentage of any sector. Attacks on financial services accounted for 12% of total attacks, as did attacks on professional services. Attacks on retail accounted for 8% of attacks.
Nearly half (47%) of all breaches dealt with by BBR Services in 2018 were caused by hacking incidents and malware incidents.
Beazley also notes that there was an increase in sextortion scams in 2018. Hackers conduct these scams to blackmail victims, but also to fool them into installing ransomware or other forms of malware so they can also be extorted.
The number of business email compromise attacks increased by 133% in 2018. In total, BEC attacks accounted for 24% of all breaches dealt with by BBR Services. This figure is an increase from 17% in 2017. The average claim for a BEC attack was $70,960, and the maximum was $2.5 million.
Beazley is a specialist insurance group, and its Beazley Breach Response Services deals with the aftermath of an attack, including the investigation and the breach response.