Ransomware success creates apathy towards traditional antivirus software
In the last 12 months, 48 percent of organizations across the globe have fallen victim to a ransomware campaign, with 80 percent indicating that they’ve suffered from three or more attacks, according to a global survey conducted by Vanson Bourne.
In response to ransomware attacks, 67 percent of businesses globally have increased IT security spending, and 52 percent reported that they are changing their security strategies to focus on mitigation. Fifty-four percent also agreed that their organizations have lost faith in traditional cybersecurity, such as antivirus.
“Ransomware has become one of the most successful forms of cybercrime in 2016 and is on the top of every security professional’s list of most prolific threats,” said Jeremiah Grossman, Chief of Security Strategy at SentinelOne. “It’s not surprising to see high levels of apathy towards traditional antivirus software, and we don’t expect the ransomware epidemic to slow down anytime soon. The situation is likely to get far worse, as some of the ill-gotten gains will be invested into research and development designed to improve encryption strength and utilize new delivery methods, as witnessed with Locky.”
Hacker motives and business responses
According to the survey, 81 percent of respondents globally that suffered ransomware attacks reported that attackers were able to gain access to their organization’s network through phishing emails or social media. Half reported that the attacker gained access through a drive-by-download caused by clicking on a compromised website, while 40 percent stated that the attack came through an infection via botnet.
Employee information (42 percent), financial data (41 percent) and customer information (40 percent) were the types of data most often affected by these attacks. Respondents identified the most likely motives of their attackers as financial gain (54 percent), operational disruption (47 percent) and cyber espionage (42 percent).
“These results further shed light on ransomware, where now, any and all types of sensitive data are targeted and can lead successful extortion,” continued Grossman.
- Only 13 percent of respondents in the UK notified their cyber insurance providers upon suffering a ransomware attack, while 50 percent notified law enforcement and 69 percent informed their CEO and board.
- Despite the prevalence of attacks, companies in the U.S. are still willing to assume responsibility for breaches—only 42 percent would demand answers from their IT security vendors.
- Attacks targeting German organizations for ransom most often encrypted employee and customer information, at 57 percent and 51 percent, respectively.
- Nearly one-third (31 percent) of organizations in France experienced 3-4 ransomware attacks in the past 12 months.
“As they have for decades, cyber-criminals continue to illegally access sensitive data by simply tricking users. This problem has not been addressed nor can it be solved by adding more firewalls and end-user trainings,” concluded Grossman. “To make a positive impact, both customers and vendors must make real changes to the defense tools they use and design. It’s clear that there’s an immediate need for a new generation of security technologies that can discover, stop and adapt to the new breed of threats and hacker strategies.”