Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Friday, 3 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Could complacency be setting in when it comes to ransomware?

by The Gurus
July 25, 2018
in This Week's Gurus
ransomware
Share on FacebookShare on Twitter

By Chris Ross, SVP International, Barracuda

Ransomware may be a headline favourite, but the attack itself is nothing new. In fact, it’s been around in some form or another for decades. Since last year’s high profile global campaigns such as WannaCry and NotPetya you’d be hard pressed to find anyone who isn’t aware of the threat posed.

But are the headlines representative? Do IT teams really feel the threat day-to-day? Is there a danger that our focus on ransomware could lead us to take our eye off the ball elsewhere?

We wanted to revisit the survey we first carried out last year to find out more about ransomware’s impact, so we conducted a survey of around 630 organisations globally, of which 145 came from EMEA.

What’s top of the agenda for EMEA companies?

There’s no evidence that the threat has diminished, yet the number of businesses saying that ransomware is a concern for them and their organisation has decreased slightly, from 91% in 2017 to 84% this year. That’s still an overwhelming majority, yet when viewed alongside the fall in the number of businesses that had been a victim – 30% this year as opposed to 48% when we conducted the same survey last year – perhaps this suggests that businesses are better equipped?

Maybe that’s why, once they do fall victim, businesses are seemingly more inclined to pay the ransom? Of those that were hit by ransomware, 19% claimed to have paid the ransom. Given that only 3% admitted to paying in 2017, perhaps greater awareness of the issue has also led to greater awareness of the potential consequences of not reaching a swift resolution.

Not paying ransoms is the tactic most recommended by law enforcers and experts, as if enough organisations do it, it will mean that ransomware is no longer a lucrative business for cyber criminals. Is the fact that more ransoms are being paid a huge cause of alarm? Maybe not, but we would urge businesses, regardless of how confident they are that they’ve got the right protection in place, to carry out regular backups meaning that they had another copy of the information and/or systems that were under attack.

An avoidable expense

When asked what type of email security breach is likely to be the most expensive, 32% of EMEA businesses singled out ransomware as the most expensive threat to deal with, due to the cost of a direct payment to regain access to your own systems and information.

So how are these attacks gaining access to the network? It comes as no surprise to us that nearly three quarters (74%) of attacks entered via email, with web traffic (18%) and network traffic (18%) trailing far behind. This is an increase on 2017, where email was identified as the cause in 70% of cases.

This reiterates the importance of having a comprehensive plan to defend against phishing attacks. Phishing and social engineering tactics are specially designed to trick employees into clicking on links and opening malicious attachments in emails spoofed to appear as if sent from a reputable source. Ultimately, until organisations get better at educating their users, this tactic will continue to pay dividends for the black hats.

Back it up

But what’s the answer? By backing up regularly, and adhering to the 3-2-1 backup rule, it is possible to significantly limit ransomware’s impact on an organisation and ensure that affected businesses are not forced into paying for a decryption key which may never be sent.

The 3-2-1 backup rule means:

  1. Make three copies of all of your data
  2. Store those copies in two different environments (cloud, on-premises etc)
  3. Keep one backup copy offsite so it can be kept safe from any environmental issues
FacebookTweetLinkedIn
ShareTweetShare
Previous Post

IoT security – A barrier to deployment?

Next Post

Effort backed by Leading Bodies in the Field Aims to Support National Cyber Security Strategy.

Recent News

london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information