Every year, our Chief Technology Officer (CTO), Raimund Genes, sits down with our researchers and experts around the world and develops his predictions for the coming year.
And this year, we decided to ask people how prepared they were to meet this year’s predictions. Since January, we’ve been doing an online survey asking people questions that measure their readiness to meet the different challenges we outlined for the coming year.
We’ve completed the analysis of responses we’ve gotten from January to May of this year. And there’s a lot of interesting information we’ve pulled out of those responses. We’ve done some analysis around the responses to different predictions based on region and the industry of the respondents.
There’s a lot of good information in the results and you can see it for yourself here.
One of the things Raimund highlighted in his predictions was that 2016 would be the year of Online Extortions, and the ransomware crisis of 2016 is showing how accurate that prediction is. Looking at what we’ve learned from our respondents’ answers and recent events gives us a lesson that should give everyone pause.
When we look at how prepared our respondents are for Online Extortion by sector, we see that healthcare looks to be one of the most prepared to meet that threat. The table below shows the sectors whose responses were “least prepared” on the questions around “Online Extortion”:
| Rank | Sector | Least prepared |
|---|---|---|
| 1 | Communication and Media | 32% |
| 2 | Banking, Finance, Insurance | 22% |
| 4 | Others (F&B, FMCG, Real Estate, Mat’s) | 20% |
| 5 | Utilities, Transpo, Energy, Telecoms | 19% |
And yet, we hear in the news how healthcare has been hit by ransomware, badly in some cases.
What should we take from this seeming disconnect between preparedness and reality? Simple: when it comes to ransomware, we’re not as ready to meet the threat as we might think, or as we can be.
Our survey is one that requires respondents to assess their readiness on their own: their answers show how ready and secure they believe they are.
With regard to ransomware, this self-assessment can be a problem because ransomware is attacking through email and web vectors, vectors whose protections many took a “set it and forget it” point of view towards years ago. Just because our respondents give answers that show they’re ready, it doesn’t mean they really are ready. And as I’ve written about email threats in particular, this complacency around email security has fueled not just ransomware but also Business Email Compromise (BEC) attacks recently.
While this isn’t an exhaustive survey, the self-assessment part of it and current events show that there can be a real risk around believing that you’re prepared when in fact you’re not.
And this risk shouldn’t be seen as specific or isolated to healthcare: ransomware is a threat that all sectors face. Going back to our data, manufacturing would seem to be the most prepared to meet ransomware, but is it really? If a successful ransomware attack can force a hospital to abandon computers and return to pen and paper, what could one do to a car assembly factory that’s even more reliant on automation than hospitals?
This is just one example from our recent survey: there’s more to find in the full survey. But if there’s one lesson from the survey that everyone should take and act on right away, it’s that the ransomware threat should be met with a full reevaluation of your organization’s countermeasures to see if they really are matching the latest threats out there.
If you are in healthcare, another thing you should do is check out our newest publication with information on what you can do to help meet and counter the ransomware threat. “Enterprise Network Protection against Cyber Attacks: Ransomware in the Healthcare Industry” has just been published and can help you see if you’re truly ready to meet this threat and if not, what you need to do to be ready.
Please add your thoughts in the comments below or follow me on Twitter: @ChristopherBudd.