study
Cyber attacks: One in nine victims pays a ransom
A computer is infected with ransomware: Allianz expects a worrying increase in cyber attacks worldwide this year, especially with blackmail software. photo
© Lino Mirgeler/dpa
The number of cyberattacks on companies is increasing rapidly. The attackers usually use blackmail software. The digital association Bitkom warns against paying ransoms to criminals.
The list of victims of cyber attacks in Germany is long: it extends from the automotive supplier Continental and the Motel One hotel chain to the armaments company Rheinmetall. The only messages that appeared on the PC screens there and at many other companies were things like “Your computer is locked” or “Your data is encrypted”. The companies fell victim to a so-called ransomware attack.
Experts refer to ransomware as malware that cybercriminals use to penetrate the IT systems of companies and organizations and encrypt important data. In order to be released, they demand a ransom, often paid in a cryptocurrency such as Bitcoin.
And although the security authorities repeatedly manage to strike against international cybercriminals, the wave of attacks does not subside, on the contrary: the insurance company Allianz is expecting a worrying increase in the current year. In most cases, cyber attacks now involve personal or sensitive business data being stolen for the purpose of blackmail, according to a study by Allianz Commercial published on Wednesday. This would increase the costs and complexity of the incidents and increase the potential for reputational damage.
Analysis of the alliance
According to Allianz, the number of ransomware attacks increased by half in the first half of 2023 alone. For the “Cyber Security Trends 2023” study, the insurer analyzed major cyber damage in detail: According to this, the number of cases in which data is leaked has been increasing for years – from 40 percent in 2019 to almost 80 percent in 2022. This year the number will be significantly higher. Absolute case numbers are not mentioned in the study.
The alliance’s analysis corresponds to the findings of the Federal Office for Information Security (BSI). “Cyber attacks with ransomware continue to represent the greatest threat to companies and organizations,” recently warned BSI Vice President Gerhard Schabhüser.
In Germany, according to a survey by the digital association Bitkom, a good half of all companies with ten or more employees (52 percent) were attacked with ransomware within a year. That’s more than 230,000 companies. One in nine companies in Germany (11 percent) that fell victim to ransomware then paid a ransom. Four in ten ransomware victims (44 percent) report that their business operations were impacted by the crippled computers and lost data, on average for around three days.
For its investigation, Bitkom surveyed those responsible for 1,002 companies with ten or more employees in Germany. The survey is representative. According to the Federal Statistical Office, there are around 445,000 companies of this size in the Federal Republic.
Bitkom warns: Do not pay under any circumstances
Millions of dollars flow into the hands of cybercriminals worldwide. According to analytics firm Chainalysis, ransomware victims paid nearly $450 million to cybercriminals in the first six months of this year. This half-year value almost corresponds to the $500 million for the entire previous year. Chainalysis specializes primarily in the analysis of blockchain databases of cryptocurrencies such as Bitcoin, in which transactions can be publicly traced.
However, Bitkom warns the affected companies not to respond to the blackmailers’ demands: “Anyone who falls victim to ransomware should under no circumstances pay,” said Susanne Dehmel, member of the Bitkom management. “On the one hand, you strengthen the criminal organizations behind the attacks and make yourself an interesting target for further attacks. On the other hand, the malware is often so poorly programmed that the data cannot be restored or not completely restored even after payment .”
Dehmel advises companies to take preventative action: “In addition to the usual IT security measures such as up-to-date software or employee training, there is an effective means of preventing ransomware attacks: backups. Anyone who has current backup copies of the data and has practiced can restore them Quickly integrating it into the systems can significantly reduce the damage.”