As businesses continue to tackle evolving cyber threats, I want to share information about ransomware and other cyber threats. Ransomware is currently the #1 cyber claim and continues to impact businesses with less than 1,000 employees.
Key Take-Aways
- 80.5% of attacks targeted companies with less than 1,000 employees. Many small companies have weak IT defenses.
- The average ransom payment in Q3 of 2022 was $258,143 (+ 13.2% from Q2.)
- Double-Extortion attacks are on the rise (threat actors threatening to leak obtained data)
- Email phishing was still the most common ransomware attack, but hackers are now shifting to exploit access types as they become available. They use software to run millions of username and password combinations until they get in. Normal phishing attacks trip users/employees into clicking bad links or entering their credentials through email requests like fake Outlook.
- Average days of downtime = 25 days