One-Fourth of Organizations Have Been Victim to a Ransomware Attack with 59% Starting with Email



25% of Organizations Have Been Victim to a Ransomware AttackNew analysis highlights just how prevalent ransomware attacks are today, how material the impacts are, whether organizations get their data back, and exactly how these attacks start.

I love to see reports on the current state of attacks; it gives those of you reading this blog a better idea of exactly how attacks happen and what precautions will be most effective in rendering attacks useless.

The most recent data from security vendor Hornetsecurity, in their 2022 Hornetsecurity Ransomware Attacks Analysis report shows that a sizable amount of organizations are seeing successful ransomware attacks within their organization:

  • 24% of organizations have experienced a ransomware attack
  • 21% of all ransomware attacks have occurred in the last 12 months

In most cases, the affected organizations are able to retrieve their data from backups, but according to the analysis, 14% of victims lost their data and 7% had to pay the ransom to get their data back – making it 1 in 5 organizations who found themselves unprepared and in trouble when it comes to their data.

So, how did these attacks occur? According to the analysis, it’s mostly related to email and/or social engineering:

  • 59% of attacks started with an email-based phishing attack
  • 16% of attacks started with a compromised endpoint (which is usually the result of one of four things in descending order: phishing attack, social engineering, RDP brute force, or vulnerability exploit)

The analysis also reveals that 27% of organizations don’t provide Security Awareness Training – a percentage that is likely much higher when you look at the quality of training provided (e.g., breakroom training for an hour once a quarter isn’t going to stop an attack). Using Hornet’s data, it’s evident that continual training is going to have a material impact on stopping ransomware attacks at their point of entry – the Inbox.


Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransomware-simulator

Topics: Ransomware



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews