Education and government suffer most from ransomware
The highest rates of ransomware are now found in the education and government sectors according to the findings of a new report from BitSight.
The report looks at how ransomware is impacting almost 20,000 companies in six major industries: finance, retail, healthcare, energy/utilities, government and education. The findings show that the rate of new ransomware strains, such as Locky and Cryptowall, has spiked over the last couple of years, and numerous industries are beginning to fall victim to these ransomware attacks.
The report reveals that educational institutions have over three times the rate of ransomware found in healthcare and more than ten times the rate found in finance. Of the six industries examined, government has the second-lowest security rating and the second-highest rate of ransomware.
BitSight assigns a security rating score to each company and industry sector. Finance comes out on top, perhaps not surprisingly, with retail in second place having upped its game since a similar report in 2014.
Education though lags well behind the rest, its rating having dropped 15 points in the past year. More than one in ten organizations in education has been impacted by the Nymaim ransomware, while 34 different government groups have been hit with Locky, which was discovered only eight months ago.
"Ransomware is a legitimate threat, with estimates from the US Justice Department showing that over 4,000 of these attacks have occurred every day since the beginning of 2016," says Stephen Boyer, co-founder and CTO of BitSight. "While several ransomware attacks on healthcare companies have made headlines this year, the issue is more widespread. Our analysis shows that the education sector is actually the most impacted group, followed by government. Establishing email security protocols, monitoring key third-party vendors, tracking security ratings and avoiding file sharing are all ways to mitigate risks associated with ransomware".
You can find out more about the findings in the full report, available from the BitSight website.