IBM reveals global cost of ransomware attacks

Technology giant releases a report estimating the financial impact of malicious software

IBM reveals global cost of ransomware attacks

Insurance News

By Nicola Middlemiss

The number of cyberattacks may be on the decline but malicious software is still costing companies billions of dollars every year, according to a recent report by IBM.

Last week, the technology giant released a study which showed the number of reported cyberattacks had declined nearly 25% year on year, from around 4 billion to 2.9 billion.

Despite the drop, ransomware attacks like WannaCry, NotPetya, and Bad Rabbit were still estimated to have cost companies around the world a combined $8 billion in 2017.

IBM’s Threat Intelligence Index also highlighted that hackers are now looking at newer opportunities. While financial services was hit by the majority of security incidents for a second year running, sectors like manufacturing and ICT were significantly more affected in 2017.

“While business leaders are aware of attacks, they remain woefully unaware, by and large, of the structure, data content, function, and connections of their own digital networks,” said Ray Rothrock, CEO of cybersecurity analytics platform RedSeal.

“Without knowledge of their own digital infrastructure and the status of the data carried on that infrastructure—the balance of accessibility versus security—it is simply impossible to be aware of the risks they face from cyberattack.”

The report also indicated that cybercriminals continued to take advantage of human error and mistakes in infrastructure configurations to launch attacks.

For instance, inadvertent activity such as misconfigured cloud infrastructure was responsible for the exposure of nearly 70% of compromised records, representing a year-on-year increase of 424%.

Phishing attacks were also found to be putting organisations at serious risk, accounting for one-third of inadvertent activity. This includes users clicking on a link or opening an attachment laced with malicious code, usually shared via a spam campaign launched by cybercriminals.

 

Keep up with the latest news and events

Join our mailing list, it’s free!