Ransomware incidents reached epidemic levels in 2016 with high profile attacks on health care organizations highlighting the operational impacts of cyber extortion by impeding the ability of some targeted organizations to deliver patient care. Cybercriminals continued to employ tried and true attack vectors and methods, principally phishing, to execute a transactional ransomware business model across multiple industries.
Ransomware’s prominence continued in 2017 with global attacks such as Wannacry and a new variant of Petya dubbed “Notpetya,” both of which propagated via the leaked NSA EternalBlue exploit kit. While most ransomware attacks had previously been associated with cybercriminals, these attacks were widely attributed to nation states.
This ESG video shares the results of research ESG conducted to gain insights into the extent of ransomware infections in 2017, the industries that were most affected, the recurring nature of ransomware attacks, and how IT and cybersecurity leaders view the ongoing level of risk associated with ransomware.
For more, check out the ESG Brief, Ransomware: A Priority for 2018.