In-depth

The cyber security threat in six charts

What happens when UK firms experience security attacks?

The threat of cyber security is unquestionably growing more serious over time. The impact of attacks on businesses can be devastating, and for many, the source remains unknown - as many as 35% of attacks on UK-based organisations are from an unknown source.

The majority of organisations consider dealing with cyber threats, and ransomware in particular, as a high priority, but many lack confidence in their ability to respond to a successful attack.

These charts are from two reports by Malwarebytes. The first is a report into Cybercrime tactics and techniques: 2017 state of malware', evaluating the key findings and cybercrime trends in 2017. The second is a survey on 'The Second Annual State of Ransomware' undertaken in the United Kingdom as part of a larger survey of organisations across the world on ransomware and other critical security issues. It was conducted with small to mid-sized businesses during June 2017, with individuals who are responsible for or knowledgeable about cyber security issues at 175 UK organisations.

Ransomware attacks saw a serious spike in Q3 of 2017

Statistically, 2017 was a banner year for ransomware. According to the report, business and consumer ransomware detections have increased 90% and 93% respectively, largely because of families like WannCry, Locky, Cerber and Globelmposter. In fact, the monthly rate of ransomware attacks against businesses increased up to 10 times the rate of 2016.

The summer months brought in a flood of ransomware infections from a couple of new players. Between July and September 2017, there was a 700% increase in ransomware, with Globelmposter and WannaCry making up most of that statistic.

In addition, nearly seven percent of all attacks against businesses in September 2017 involved ransomware, compared to the average rate of ransomware attacks in 2016, which totalled 1.11%

Malware infiltration through email is the top security concern

For 85% of organisations, the top concern is malware infiltration through email, closely followed by phishing through email. For both of these attacks, email servers only form part of the defence, and businesses are reliant on staff being able to identify suspicious emails.

Almost all UK organisations have experienced security attacks

Most organisations in the UK have experienced various types of security attacks and data breaches over the past year, with many facing some type of security-related incident on a more than monthly basis. But with 44% of decision-makers being fairly or very confident that they can stop attacks, it looks like the defences are holding for now.

Most ransomware incidents have affected just the endpoint

Of the most serious ransomware attacks that have hit organisations, 57% have affected just an organisation's endpoint. However, for 2% of companies, the impact of ransomware has been devastating, affecting every device on the corporate network.

Ransom demands from cyber criminals are fairly small

Over half of ransom demands from cyber criminals to small and mid-sized businesses are for less than $1,000. However, there are still a fair proportion of criminals who ask for much larger sums, with 42% asking for more than $1,000 and 3% demanding a whopping $50,000 to $150,000 to release files. Survey respondents reported that more than two in five UK organisations opted to pay the ransom demand in the most serious ransomware attack.  

Email security is the top process in place to address cyber attacks

Most of the surveyed organisations in the UK have deployed email security to address malware and phishing attempts. They have also implemented regular, on-premises data backups so that they can restore affected machines to a known good state as quickly as possible. Many organisations have also implemented network segmentation, used outsourced security providers, on-premises ransomware-detection solutions, and regular cloud-based backup capabilities to further counter threats.

Featured Resources

Edge-enabled mobility of the future

Turning vehicle data into value

Download now

Modern networking for the borderless enterprise

Five ways top organisations are optimising networking at the edge

Download now

Address multi-cloud configuration risks

Cloud security challenges and how to overcome them

Watch now

The total economic impact of IBM Security Verify

Cost savings and business benefits enabled by IBM Security Verify

Download now

Recommended

Best ransomware removal tools
ransomware

Best ransomware removal tools

22 Jan 2021
How to enable private browsing on any device
privacy

How to enable private browsing on any device

8 Mar 2021
Invoice ZLoader campaign hides within encrypted Excel docs
malware

Invoice ZLoader campaign hides within encrypted Excel docs

8 Mar 2021
IT security awareness and training firm KnowBe4 acquires MediaPRO
Acquisition

IT security awareness and training firm KnowBe4 acquires MediaPRO

3 Mar 2021

Most Popular

UK gov flip-flops on remote work, wants it a standard for all jobs
flexible working

UK gov flip-flops on remote work, wants it a standard for all jobs

5 Mar 2021
Star Alliance passenger data stolen in SITA data breach
data breaches

Star Alliance passenger data stolen in SITA data breach

5 Mar 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

26 Feb 2021