Companies Are Coughing Up Ransom To Recover Their Data

Uploaded on 2020-06-27 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

The fourth Hiscox Cyber Readiness Report reports that six per cent of the 5,569 firms polled, and one in six of those attacked, had surrendered by paying out ransom fees following a cyber attack. 
 
The highest losses for a single firm targeted with a ransom demand hit £40.2 million. The report also showed that total cyber losses surged 50 per cent to nearly £1.4 billion in 2019.
 
Hiscox warned there were new cyber threats emerging from the coronavirus crisis, with a ramp-up in so-called phishing scams and as staff and companies are leaving themselves vulnerable due to less-secure home working computers.
 
The Report surveyed a representative sample of private and public sector organisations in the US, UK, Ireland, Belgium, France, Germany, Spain, and the Netherlands. Each firm was assessed on its cyber security strategy and execution. 
 
The Report says that UK businesses are now 15 times more likely to suffer a hacking incident rather than a fire or theft with one firm paying out £71 million.
 
Among the key findings:
 
  • Cyber losses soar: Total cyber losses among the study group rose from $1.2 billion to nearly $1.8 billion. The highest reported cyber losses were by a UK financial services firm, at $87.9 million. The highest loss from any one cyber event was $15.8 million, involving a UK professional services firm. The most heavily targeted sectors were financial services, manufacturing and technology, media and telecoms (TMT). Irish firms suffered the highest median costs, at over $103,000.
  • Held to ransom: More than 6% of total respondents, or one in six of those attacked, paid a ransom following a malware attack. The highest losses reported by any single company targeted with ransomware, and which could include other cyber events, topped $50 million. 
  • Upping their game: The number of firms achieving ‘expert’ status in our cyber readiness model increased from 10% to 18%. This follows two years while progress stalled. US and Irish firms came out best with 24% ranked as experts.  France was the biggest improver with 18% of firms ranked as experts, up from 6%. Overall, twice as many firms responded to a breach this year by adding new security and spending more on employee training.
  • Pace of cyber spending accelerates: The average spend on cyber security rose from $1.47 million to $2.05 million, a rise of 39%. French firms spent the most with an average of $3.1 million. Spanish and US firms were not far behind, at $2.6 million and $2.4 million respectively. The  average spending by British business rose from just under $900,000 to $1.5 million. 
Currently cyber losses per firm have risen nearly six-fold, from an average of £8,041 a firm to £45,832. UK firms are now 15 times more likely to suffer a cyber-attack than a fire or theft, the report suggests.
 
The biggest reported cyber loss among firms in the eight countries surveyed was suffered by a UK financial services firm, at £71 million. The report also uncovered that the highest loss from any one cyber event was £12.7 million, involving a UK professional services firm.
 
While cyber attack losses rose last year, the Hiscox report that firms are increasing their defences against hackers, with spending on cyber security rising 39 per cent. “The number of businesses that have paid a ransom following a malware infection is chilling... There is, however, one very positive message from this year’s report – there is clear evidence of a step-change in cyber preparedness, with enhanced levels of activity and spending'  the Hiscox Cyber chief executive commented
 
Hiscox also warned there were new cyber threats emerging from the coronavirus crisis, with a ramp-up in phishing scams and as staff and companies are leaving themselves vulnerable due to less-secure home working computers. "There is clear evidence of a step-change in cyber preparedness, with enhanced levels of activity and spending. Take-up of standalone cyber insurance remains patchy, but this report is a reminder that firms are many times more likely to have a cyber incident than either a fire or a theft for which most automatically insure," said a Hiscox spekesman.
 
 
Hiscox:      RTE:      WalesOnline:    Hull Daily Mail:    Cambridge News: 
 
You Might Also Read:
 
US Bombarded With Ransomware:
« Amazon Web Services Fights Off Massive DDoS Attack
Darktrace Wins Fortress Cyber Security Award »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Conceptivity +360 Cybersecurity

Conceptivity +360 Cybersecurity

Conceptivity +360 Security addresses advanced cybersecurity and supply chain security issues in policy, regulatory, legislation, standardisation, compliance and project management areas.

Wotan Monitoring

Wotan Monitoring

Wotan Monitoring is the software solution for fully automatic process monitoring, infrastructure monitoring and end-to-end monitoring.

Czech Accreditation Institute

Czech Accreditation Institute

Czech Accreditation Institute is the national accreditation body for the Czech Republic. The directory of members provides details of organisations offering certification services for ISO 27001.

Cytomic

Cytomic

Cytomic is the business unit of Panda Security specialized in providing advanced cybersecurity solutions and services to large enterprises.

Ksmartech

Ksmartech

Ksmartech provide services related to security and authentication in all areas where the connection of people to objects, and objects and objects is necessary.

CyberASAP

CyberASAP

CyberASAP provides expertise, knowledge and support to convert academic ideas into commercial products in the cyber security space.

Basque Digital Innovation Hub (BDIH)

Basque Digital Innovation Hub (BDIH)

The aim of the BDIH initiative is to provide industrial enterprises, especially SMEs, with the technological capabilities needed to meet the challenges of industry 4.0.

Pixm

Pixm

Pixm’s computer vision based approach offers a truly unique and effective means to protect organizations from web-based phishing attacks.

RevBits

RevBits

RevBits provides high-performance cybersecurity solutions including email security, endpoint security, deception technology and PAM solution to enterprise companies and public sector organizations.

Porto Research, Technology & Innovation Center (PORTIC)

Porto Research, Technology & Innovation Center (PORTIC)

PORTIC brings together several research centers and groups from P.PORTO in a single space, forming a superstructure dedicated to research, technology transfer, innovation and entrepreneurship.

European Cyber Competence Network

European Cyber Competence Network

The purpose of the European Cyber Competence Network is to retain and develop the cybersecurity technological and industrial capacities of the EU necessary to secure its Digital Single Market.

Cubro Network Visibility

Cubro Network Visibility

Cubro network visibility solutions remove network monitoring ‘blind spots’ to provide enhanced visibility and control of all data transiting a company’s network.

Trace3

Trace3

Trace3 is a pioneer in business transformation solutions, empowering organizations to keep pace with the rapid changes in IT innovations and maximize organizational health.

Binalyze

Binalyze

Binalyze is the world's fastest and most comprehensive enterprise forensics solution. Our software helps you to collaborate and complete incident response investigations quickly.

Cranium

Cranium

Cranium are an international consultancy organisation specialised in privacy, security and data management.

ITConnexion

ITConnexion

ITConnexion is an Australian-based Managed IT Service with over 20 years of experience. We offer a complete IT management service for non-profits, SMEs, and enterprises.