Most IT leaders have by now either encountered ransomware or know someone who has. But how many really understand the threat, its potential impact on the organization and how best to mitigate it? To find out, Trend Micro commissioned new research – both to shine a light on the problem and to provide those IT decision makers with some valuable guidance on how to best insulate their systems and data.
With 44 percent of respondents claiming to have been infected over the past 24 months, and 69 percent predicting they will be targeted over the next year, the insight offered by the findings couldn’t come at a better time.
The research might have focused on UK IT decision makers, but its findings can broadly be applied across borders. The truth is that ransomware attackers don’t discriminate. They’re prepared to shut down hospitals, leave schools in disarray and cause widespread disruption to public services and private enterprises. The only thing that matters is the money, and that’s true wherever you’re based.
The good news is that awareness levels are rising – although, worryingly, nearly 1 in 5 (18 percent) of respondents still don’t perceive ransomware as a threat to their organization. That number will surely fall if infections continue to have a major impact on firms. Of those who said they’d been hit with a successful attack in the past two years, a third of their employees and an estimated 31 percent of customers were affected as a result. And it took 33 person hours on average to fix the issues caused by the original infection (and that’s leaving aside the root cause analysis!).
The average ransom demand was $725 (£540), although this rose to over $1,340 (£1,000) in 20 percent of cases. Unfortunately, nearly two-thirds (65 percent) of those who were targeted ended up paying the ransom, most commonly because they were worried about being fined if data was lost (37 percent). The problem is, if organizations continue to pay, ransomware will continue to deluge IT teams. On the plus side, 81 percent contacted the police after an incident, although law enforcement could actually help in only half of those cases.
That lack of post-incident assistance is a telling stat which highlights the importance of taking preventative measures. As does another: one in five respondents who paid the ransom still didn’t get their data back.
The key is to ensure your organization isn’t infected in the first place, by taking a measured, best-practice approach to security based around several common-sense steps. Here are a few for starters:
If more IT decision makers take these kinds of precautions, maybe we’ll eventually force the extortionists into changing their tactics, heralding the beginning of the end for the global ransomware epidemic.