Frequency Spikes for Cyber Attacks on Small Businesses in 2017

Cybersecurity has become more of a concern for businesses throughout 2016. See the numbers behind the threats that companies faced in the past year.

How has security changed in 2017? To help you develop your strategy for 2018, we’ve compiled a list of 2017’s most telling statistics in cybersecurity, covering new malware, ransomware, phishing, and attacks due to accidental insiders. Learn what security threats businesses faced in 2017 and how other companies are making changes after experiencing new security attacks and threats.

 

Once you’re done, check out our Endpoint Security Buyer’s Guide for resources to evaluate your current protection and help with decisions for your 2018 security stack.

More than 4,000 ransomware attacks have occurred every day since the beginning of 2017.

That's a 300% increase over 2016, where 1,000 ransomware attacks were seen per day.

Computer Crime and Intellectual Property Section (CCIPS)

That’s an average of 200,000 per day. And that’s only the malware samples detected by one company. Malware continues to grow and evolve to bypass your antivirus and other levels of protection, which makes it hard for your IT team, your vendors, and your company to keep up.

The amount of phishing emails containing a form of ransomware grew to 97.25% during Q3 2016, up from 92% in Q1 2016

PhishMe 2016 Q3 Malware Review

On average, 4,000 ransomware attacks occurred per day in 2016 according to a report from the FBI in June 2016. Diving deeper, ransomware attacks on businesses have become more frequent as well. Between January and September 2016, ransomware attacks on business increased from once every 2 minutes to once every 40 seconds according to Kaspersky.

Looking for more ransomware statistics to evaluate your risk and see where you could be vulnerable? See the list of statistics we compiled based on ransomware in 2016.

78% of people claim to be aware of the risks of unknown links in emails. And yet they click anyway.

Benenson-phishing-study-BlackHat.png Friedrich-Alexander University (FAU)

Dr. Zinaida Benenson conducted a two studies about mock phishing attacks and the results were surprising. Her studies, conducted at Friedrich-Alexander University (FAU) of Erlangen-Nuremberg, Germany and presented at Black Hat USA 2016, revealed that users are even more vulnerable to phishing attacks than we thought.

78 percent of participants stated in a questionnaire that they were aware of the risks of unknown links. In the first group tested with a mock phishing email, 20% of people said they clicked the link in the email but 45% actually clicked. In the second group tested, 16% of people said they clicked the link in the email but 25% actually clicked.

In both cases, a higher percentage of users actually clicked than the percentage who admitted that they clicked. The top reason people said that they clicked? See examples of the emails that were sent in this Business Insider article about the experiment. For more phishing statistics, visit https://blog.barkly.com/phishing-statistics-2016

52% of organizations that suffered successful cyber attacks in 2016 aren't making any changes to their security in 2017

security-planning-for-cyber-attack-victims.png Barkly, December 2016, Security Confidence Headed Into 2017

According to our survey about Security Confidence Headed into 2017, over half of organizations hit by a cyber attack are hesitating to make a change. Why? It may seem like a no brainer to bolster protection after an attack, but a lack of additional budget or a decrease in budget makes a change in protection a harder sell.

Of organizations who suffered an attack in 2016, 45% expect budget to stay the same and 7% expect budget to decrease.

2017-security-budget-forecast.png Barkly, December 2016, Security Confidence Headed Into 2017

According to our survey about Security Confidence Headed into 2017, 38% of respondents who suffered attacks expect their security budget to increase in 2017 but 52% expect budget to decrease or stay the same.

More than 4,000 ransomware attacks have occurred every day since the beginning of 2016.

That's a 300% increase over 2015, where 1,000 ransomware attacks were seen per day.

Computer Crime and Intellectual Property Section (CCIPS)