The ransomware epidemic: why does the EMEA region pay the most ransoms?

This is a contributed article by Chris Ross, SVP international sales at Barracuda

Since last year’s high-profile global campaigns, WannaCry and NotPetya, you’d be hard pressed to find anyone who isn’t aware of the threat ransomware poses. But do IT teams around the world really feel the threat day-to-day? Do all regions feel the same level of threat, or are some regions more complacent?

According to a recent Barracuda global survey of around 630 organizations, ransomware remains a major concern for the majority of organizations. In fact, 89% of respondents in America, 88% in APAC and 84% in EMEA think ransomware is a big issue for them and their organization.

Yes, you read that correctly: even though data protection regulation within the EMEA region has recently been tightened, the concern around ransomware is the lowest. Yet interestingly it’s also the region that most often bears the negative results of ransomware -- 19% of EMEA organizations confessed to having had to pay ransom after being attacked, which is double their American counterparts (9%) and higher than APAC (17%).

Perhaps unsurprisingly, the regions least concerned about ransomware also experience more attacks. There was a lot less concern around ransomware in APAC compared to AMER. Over half (53%) of APAC respondents admitted to being the victim of an attack, which is almost 20% higher than in AMER. There seems to be a direct correlation between a higher level of concern and a lower likelihood of being a victim. Perhaps those regions that are more concerned allocate more time and resources to fighting it, meaning that they’re less likely to become a victim.


Who’s still paying the ransom? 

While some businesses aren’t as concerned about ransomware, 35% of organizations worldwide admitted to being a victim. However, only 12% confessed to having paid a ransom when faced with an attack. This suggests a lot of businesses are now better equipped to deal with attacks by backing up their data and workloads, removing the need to pay the ransom. This approach is highly recommended by law enforcers and experts as it no longer makes ransomware a profitable business for cyber criminals. Also, paying is no guarantee you’ll get your data back.

So how do organizations pay the ransom? 44% of victims globally pay the ransom through wire transfers. This is most common in the APAC (67%) and EMEA (50%) regions, whereas in AMER it’s most common for organizations to pay ransom with bitcoin (44%), reflecting bitcoin’s wider adoption in this region.


How are the cybercriminals getting in?

When asked where the security breach originated, it's no surprise that 75% of respondents across all regions identified email as the source. This was especially high in the APAC region (81%) within smaller businesses, which is not unexpected considering APAC is the least mature in terms of deploying cyber security technology and best practices. We all know that smaller businesses are often the most strapped for cyber security budget too. Web traffic (32%) also contributes to the number of global attacks, with network traffic not far behind (23%).

While email-based security attacks are a major concern for all regions, the APAC region is 11% more concerned about email security than the EMEA region. This worry is not without cause, as the main contributor to ransomware attacks in both regions is email. Email phishing attacks are designed to trick employees into clicking on links. This tactic will continue to succeed unless organisations educate their users to prevent the increase of ransomware. Comfortingly, over half (63%) of organizations globally believe phishing simulation would be beneficial for their company in order to secure emailing capabilities.


Education, education, education

End-user awareness training was generally believed to be important. 49% of respondents across all regions believe that awareness programmes around preventing email-based attacks are essential. However, a shocking 23% of global organizations admitted that they don’t train their employees at all around phishing and spear phishing prevention. A shocking 35% of organizations in EMEA do not train their employees on this issue, which is likely why they pay the most in ransom. This is significantly higher than organizations in AMER (19%) and APAC (21%).

There’s no evidence that the ransomware threat has diminished, yet 35% of businesses around the world are still falling victim to these attacks. Despite knowing that these threats are predominantly getting in via email, a large number of organizations still don’t provide their employees with training to detect and prevent these attacks. Until organizations get better at educating their users, they will continue to pay dividends for the criminals.

Ransomware may not be a new threat, but it’s still an extremely potent one. A successful attack can cause downtime, user frustration, lost productivity, lost business, and more. Properly understanding the threat faced will give all businesses, from around the world, a far greater chance of recognizing and stopping an attack before it’s too late.

