One of the most common cyberthreats impacting IT Professionals around the world is ransomware, a malicious program made for devices to lock data from users unless they pay a ransom.
At least one in five organizations have fallen victim to a cyberattack, while almost one in ten were forced to pay a ransom to recover data after the attack, according to a survey from Hornetsecurity.
The average downtime a company experiences after a ransomware attack is 21 days, which can be fatal for some companies, without taking into consideration the cost of the data recovery, the payment of the ransom and long-term brand damage.
The average amount of ransom payments that companies were forced to pay in 2020 was $170,404. Over 90% of Hornetsecurity respondents who said they were attacked were able to recover data from a backup. About 9.2% were left with no choice but to pay the ransom to recover their data.
The survey also noted those who reported paying a ransom, under 12% were able to recover all their data through backups. Without access to shared data organizations are dead in the water.
“It is therefore clear that having malware protection present at all levels of the organization is essential, particularly on end-points that have easy access to servers and network storage. This is especially true for companies with employees who work remotely and rely on access to network storage via VPN, as local storage is not an option,” says Hornetsecurity.
Backups are the lifeblood of anti-ransomware strategy
If a shared drive is encrypted by malware, IT teams can recover from a recent backup without much data loss. Hornetsecurity’s survey revealed that over 17.2% of ransomware attacks on its respondents targeted backup data, revealing a loophole. If backup data is maliciously encrypted, it becomes useless as a ransomware protection method.
The most common forms of ransomware protection are end-point detection software with anti-ransomware capabilities and email filtration and threat analysis, according to the Hornetsecurity survey. Endpoint detection software scans and analyses end points like laptops, computers, mobile phone or tablets for ransomware threats and raises an alarm when there is one.
The most common source of malware is email. Employees can fall victim to ransomware through malicious attachments sent via email or other system vulnerabilities.
Education on how to prevent ransomware attacks can be lacking, according to the Hornetsecurity report. More than a quarter of organizations surveyed did not provide training to end users on how to recognize and handle potential ransomware threats.
About 22.2% of those surveyed believed that Microsoft 365 data is immune to ransomware attacks or stated they didn’t know whether it could be affected.
Despite ransomware being one of the most common type of cyber threats, only a third of businesses have insurance coverage for such attacks.
Having cyber insurance is “not a bad idea in theory, however, it may not necessarily be feasible for many organizations. Covering ransomware cases involves accounting for the entire operation of the company and may require certain preventative measures to be taken to qualify for the insurance. So, while it’s always a good idea to cover all your bases, we don’t suggest sacrificing a potential upgrade to your internal IT and backup security in favor of purchasing ransomware insurance,” says Hornetsecurity.