State of Ransomware 2021
The threat and scope of ransomware is acceleration. As one can see from these publically available statistics, ransomware is impacting companies across all industries and of all sizes. In 2021, a business will suffer a ransomware attack every 11 seconds.1
With increasing sophistication and evolving tactics, Coveware is finding the impact to operations and the resulting costs of those attacks is growing at an alarming rate.
The average cost of a ransomware attack
is up 43% from Q4 2020 to Q1 2021.2
The average downtime in a ransomware incident for a company that has been attacked is 23 days.3
Insights from Egnyte Customers
In order to further explore the impact of ransomware Egnyte analyzed all reported ransomware incidents with its customer base over a 16-month period. Below are the key findings.
Ransomware Attacks by Industry
Ransomware attacks occur in every industry across the globe. But, attacks may be more prevalent in industries where files are integral to the operation of the business, where the risk surface is larger, and where downtime is a less acceptable outcome.
Percent of Accounts Reporting an Incident Per Domain
Ransomware Attacks in Architecture, Engineering & Construction
Egnyte’s State of Ransomware Report for Architecture, Engineering and Construction analyzed the threat of ransomware among Egnyte’s AEC customers.
The Frequency of Ransomware Attacks
AEC companies were more than twice as likely to be the target of ransomware than the Egnyte Cross-Industry Average.
Percent of Accounts Reporting an Attack by Geographic Location
While ransomware is a threat globally, we are seeing the preponderance of attacks occurring in North America with 2.1% of all accounts impacted by a successful attack.
Attacks by Company Size
Companies with more than 1000 employees were 6x more likely to be attacked than mid-sized companies, most likely due to their ability to pay the ransom.
Recurrence of Ransomware
Companies hit with successful ransomware attacks had a very high likelihood they would be struck again. 32% of AEC companies who were victim of one attack experienced one or more follow-on attacks.
The Scope of Ransomware Attacks
To understand the scope of ransomware attacks on AEC companies we examined the number of files that were impacted by a given attack. This gives us an idea of how far an attack spread before it was contained and provides context for how impacted operations could be based on the amount of files impacted.
Want more insider data about the scope and impact of ransomware in AEC?
How Egnyte Helps Protect Against Ransomware
While there is no 100% guarantee about avoiding ransomware, Egnyte has built in functionality to help companies mitigate and recover from a ransomware attack.
Three Phases of Ransomware
There are three primary phases of a ransomware attack and Egnyte has deployed specific capabilities in each of them.
Implementing preventative and automated detection capabilities
ML-based behavioral analytics will identify and flag patterns of file activity indicative of ransomware — such as renaming, deletions, and changes in file entropy.
Restricting the ransomware’s and users’ access to files
Automatic ransomware notification allows administers to cut off user and device access in case of a breach.
Eliminating any potentially infected files and replacing them with clean backups
Back-Up & Restoration
File back-up and selective file restoration rolls back files across the infected parts of the organization.
The Road to Ransomware Recovery
How quickly an organization can identify, contain, and eradicate ransomware is critical to getting back to work. Egnyte helps companies quickly recover from a ransomware attack with an audit trail of compromised users, files, and data subjects/sensitive data. And selective file restoration only rolls back impacted files, not your entire file environment, so clean files can still be accessed to maintain current operations. That is why once a breach is reported to Egnyte the average time to recovery is only 155 hours — under a week.
There are only two types of companies, those who have been hit by ransomware and those who will be hit by ransomware. Now is the time to ensure you are in the best possible position to mitigate and recover from a ransomware attack. To learn more about things you can do to protect against ransomware, check out our video “Detect & Mitigate Your Ransomware Risk”.
Or schedule a meeting with one of our experts to discuss how Egnyte can help you secure your most critical asset – your data.