More than half of public and private organizations in the United States fell victim to ransomware attacks
According to Proofpoint’s ‘State of the Phish’ 2020 report, 51% of U.S. organizations surveyed chose to pay the ransom after being hit by a successful ransomware attack. Hackers have continued to use increasingly advanced techniques to infect machines and encrypt sensitive data.
Ransomware payments to cybercriminals may soon become the rule instead of the exception, according to new research by Proofpoint.
Proofpoint’s “State of the Phish” report
Proofpoint’s sixth annual “State of the Phish” report surveyed 600 infosec experts working in seven countries: the United States, Australia, France, Japan, the United Kingdom, Spain and Germany.
The report shows that 33% of global organizations infected with ransomware in 2019 chose to pay the ransom. In the United States alone, 51% of organizations that experienced a ransomware attack decided to pay the ransom, which is the highest of the seven countries surveyed.
In the threat report, the researchers focused on phishing, ransomware, and cryptocurrency attacks. They analyzed the ways hackers used social engineering to commit cybercrime, how to improve employee awareness of such attacks, and how infosec groups are fighting them.
Proofpoint analyzed more than 9 million malicious emails and surveyed 600 industry leaders and 3500 IT employees. It also sent over 50 million simulated phishing emails to its customers to provide a comprehensive overview of the cybercrime situation in 2019.
Proofpoint found that more than 55% of organizations fell victim to a successful phishing attack last year. 90% of global organizations have been targeted by malicious email phishing attacks, while 50% of organizations are subject to ransomware attacks, compromised accounts or fake information.
Gretel Egan, security and training strategist at Proofpoint, said she was not surprised that one-third of the survey participants paid the ransom after being attacked. While law enforcement agencies and infosec providers are always calling on victims not to pay the ransom, she says she understands “the lure” such payments represent, especially for critical infrastructure organizations.
Egan said that even if organizations pay the ransom, there is no guarantee. According to the 2020 State of the Phish report, among organizations that chose to pay the ransom, 22% never regained access to their data, and 9% were hit by additional ransomware attacks.
Egan said Proofpoint observed another trend related to ransomware attacks, where threat actors exfiltrate organizations’ data before encrypting it and then threaten to embarrass the victim by making sensitive data public.