Failure of traditional defences in preventing attacks
Traditional ransomware defences are failing, with 54 per cent of all victims having anti-phishing training and 49 per cent having perimeter defences in place at the time of attack, according to a recently released report by Cloudian. Citing this and other findings from the survey—including the widespread impact of the attacks and the average financial costs totaling over US$400,000—the report calls for organisations to focus greater attention on putting systems in place that enable quick data recovery in the event of an attack, without paying ransom.
Despite Defensive Measures, Ransomware Gets In
Many organisations spend large portions of their cybersecurity budget on defensive measures such as anti-malware software and anti-phishing training for employees. Despite these efforts, however, ransomware attacks have become increasingly sophisticated, enabling cybercriminals to penetrate the defences. The survey found that:
- Phishing continues to be one of the easiest paths for ransomware, with 24 per cent of ransomware attacks starting this way.
- Phishing succeeded despite the fact that 54 per cent of all respondents and 65 per cent of those that reported it as the entry point had conducted anti-phishing training for employees.
- 49 per cent of respondents had perimeter defences in place prior to the successful attack.
- Public cloud was the most common point of entry for ransomware, with 31 per cent of respondents being attacked this way.
Attackers Move Fast and the Impact is Widespread
Once cybercriminals are able to insert ransomware, they can quickly take over and significantly impact all aspects of an organisation:
- About 56 per cent of survey respondents reported that attackers were able to take control of their data and demand ransom within just 12 hours, and another 30 per cent said it happened within 24 hours.
- More than half of those surveyed said the attacks significantly impacted their financials, operations, employees, customers and reputation.
The Financial Costs Go Beyond Just Ransom Payments
Ransom payments are significant and rising, but they’re not the only costs of an attack. For the 55 per cent of respondents that chose to pay the ransom:
- The average ransom payment was US$223,000, with 14 per cent paying US$500,000 or more.
- They spent an average of US$183,000 more for other costs resulting from the attack.
- Cyber insurance covered only about 60 per cent of the ransomware payment and other costs, presumably reflecting deductibles and coverage caps.
- Despite paying ransom, only 57 per cent of respondents got all their data back.
“The threat of ransomware will continue to plague organisations around the world if they do not change their approach and response to it,” said Jon Toor, chief marketing officer at Cloudian. “Cyberattacks can penetrate even the most robust defences, so it’s critical that organisations prioritise being able to recover quickly from an attack.
“The best way to do so is to have an immutable backup copy of your data, which prevents hackers from encrypting or deleting the data for a specified period of time. As a result, organisations can recover an unencrypted copy of their data in the event of an attack without having to pay the ransom.”