2016 Saw 638 Million Instances of Ransomware, Report Says
These days it seems like you can’t watch the evening news without hearing another ransomware horror story. The epidemic of weaponized encryption hit a fever pitch last year, so it should be no surprise that 2016 saw a whopping 638 million instances of Ransomware–167 times more than the 3.8 million ransomware attack attempts in 2015, according to a new report from SonicWall.
Aside from that explosive growth in ransomware attacks, the report, sourced from information gathered by SonicWall’s GRID Threat Network, found a modest decrease in general malware attacks. Total attack attempts dropped to 7.87 billion in 2016 from 8.19 billion in 2015.
Meanwhile, unique malware samples collected fell to 60 million in 2016, compared with 64 million in 2016, according to the report. A 6.25 percent decrease.
Despite that general decline in malware attacks, ransomware’s ease-of-use and profitability have fueled a meteoric rise in its use, says SonicWall.
The emergence of Ransomware-as-a-Service (RaaS), has made ransomware easy to deploy even for malicious actors without the technical skills to execute attacks themselves. Wannabe hackers simply need to download and deploy a malware kid, often available at a flat rate or for a percentage of the final take, says SonicWall.
While it’s difficult to put a number on the average cost of a ransomware attack, as many victims choose not the publicize the attacks, SonicWall’s report estimates that approximately $209 million in ransoms were paid in just the first quarter of 2016.
Some organizations have publically admitted to paying ransoms, such as Hollywood Presbyterian Medical Center in Los Angeles, who paid $17,000 in bitcoin to regain access to core systems in February 2016.
Another example, The Lansing Michigan Board of Water and Light, paid $25,000 in bitcoin to recover encrypted data. The initial ransom, however, only represented a fraction of the total cost for Lansing BWL, whose administrators told SonicWall that they paid a total of approximately $2.4 million in costs related to the attack. The majority of that came from the cost of covering an emergency cyber-response team, stabilization and restoration efforts, and improvements to their security systems.