By Christine Kern, contributing writer
It takes an average of 33 hours to recover from a ransomware attack.
Almost half of cybersecurity decision makers polled for a Vanson Bourne survey sponsored by SentinelOne said their organizations had been hit by at least one ransomware attack in the last 12 months, with the average victim hit six times. Nearly all of them (94 percent) said the attack caused an impact on their organization including increased spending in IT security (67 percent); change of IT security strategy to focus on mitigation (52 percent); and a loss of confidence in existing cyber security solutions (45 percent).
According to the survey, the chief targets of ransomware were employee information (42 percent); financial data (41 percent); and customer information (40 percent). Additionally, just over 60 percent of respondents said they did or would report attacks to the CEO/board; 54 percent did/would notify law enforcement; 50 percent would notify lawyers; and just 38 percent would notify customers.
“Ransomware has become one of the most successful forms of cybercrime in 2016 and is on the top of every security professional’s list of most prolific threats,” said Jeremiah Grossman, Chief of Security Strategy at SentinelOne. “It’s not surprising to see high levels of apathy towards traditional antivirus software, and we don’t expect the ransomware epidemic to slow down anytime soon. The situation is likely to get far worse, as some of the ill-gotten gains will be invested into research and development designed to improve encryption strength and utilize new delivery methods, as witnessed with Locky.”
Eighty-one percent of those respondents whose organization has suffered a ransomware attack in the last 12 months report the ransomware attacker gained access to their organization’s network through phishing via email or social media network. While 45 percent reported the attackers had been able to encrypt some files or data but the organization was able to decrypt them, 27 percent said the attackers were unable to encrypt any files and 25 percent said, while attackers were able to encrypt some data, a backup was held and the organizations were able to replace the encrypted files. On average, it took 33 employee hours to recover.
Half report the attacker gained access through a drive-by-download caused by clicking on a compromised website, and 40 percent state it was through an infection via a computer that was part of a botnet.
Approximately two-thirds (65 percent) of respondents recognized traditional cybersecurity techniques are inadequate protection against the next generation of malware, including ransomware attacks. Thirty-six percent said their organization feels defenseless, while 71 percent say they need a new solution to protect organizations from ransomware.
Further, 54 percent of those surveyed agree that their organization has lost faith in traditional cyber security and over four in ten 44 percent also agree that antivirus is dead, and yet 85 percent of respondents’ organizations install antivirus on all company owned static devices.
“As they have for decades, cyber-criminals continue to illegally access sensitive data by simply tricking users. This problem has not been addressed nor can it be solved by adding more firewalls and end-user trainings,” concluded Grossman. “To make a positive impact, both customers and vendors must make real changes to the defense tools they use and design. It’s clear that there’s an immediate need for a new generation of security technologies that can discover, stop and adapt to the new breed of threats and hacker strategies.”