A year after the WannaCry ransomware attack impacted an estimated 200,000 victims, new research has revealed that organisations across the UK are still struggling to deal with ransomware.
Webroot surveyed over 400 IT decision makers at UK businesses and found that 45 per cent of those surveyed had suffered a ransomware attack, with nearly a quarter (23 per cent) actually paying the ransom. Despite this finding, 88 per cent of organisations feel better equipped to deal with an attack following WannaCry, suggesting a sense of false confidence.
This sentiment is magnified in the healthcare industry, where organisations are more prone to attack than other industries surveyed. Over half of healthcare companies polled (52 per cent) suffered an attack. Despite this, 98 per cent of respondents in the healthcare sector feel better equipped to deal with a ransomware attack than a year ago.
While the WannaCry ransomware campaign may have had its chaotic focal point in May of 2017, Webroot data shows this strain of ransomware remains a serious threat today. In the past year, researchers detected more than 12,000 unique WannaCry executables, most only seen on one machine, pointing to polymorphic malware. Despite WannaCry being more than a year old, criminals are still exploiting it, with Webroot detecting over 500 new variants each month.
- 45 per cent of organisations surveyed have suffered a successful ransomware attack, a number that rises to 52 per cent of organisations in the healthcare sector.
- 14 per cent of these organisations have fallen victim to ransomware several times. In the healthcare sector, multiple attacks hit more than one in four organisations (26 per cent).
- When the infection spread, the IT department was the first entry point (47 per cent), followed by the finance department (21 per cent).
- Organisations are pessimistic about ransomware, with 69 per cent expecting to fall victim to this type of attack in future.
- Of those hit by ransomware, nearly a quarter (23 per cent) actually paid the ransom, suggesting that they had no feasible recovery plan alternative.
- Of those sampled, 56 per cent would consider paying the ransom if under attack. The healthcare sector is more cautious, with 34 per cent holding this view.
- 5 per cent have stocked Bitcoin to pay a ransom, rising to 8 per cent in the healthcare sector.
- 88 per cent of organisations and 98 per cent of healthcare organisations polled feel better equipped to defend against cyberattack since WannaCry.
“The solution against ransomware is risk mitigation, which takes the form of intelligent data management. Businesses must look at the monitoring, auditing, reviewing and improvement of data protection, alongside internal employee education, impact assessments and disaster recovery strategies so even when the worst does occur, organisations can continue operating with their data as normal,” said Mark Adams, regional VP for the UK and Ireland at Veeam.
Risk mitigation and recovery processes are overlooked by high proportions of respondents:
- 36 per cent don’t have a regular back-up system (32 per cent in healthcare)
- 40 per cent haven’t invested any more money in defences since 2017 (34 per cent in healthcare)
- 46 per cent haven’t held staff training on ransomware (42 per cent in healthcare)
- 59 per cent haven’t held IT crisis drills (58 per cent in healthcare).
“Organisations still aren’t investing the necessary time and resources in risk mitigation and recovery processes, leaving them with limited options in case of a successful attack. The healthcare industry in particular needs to be very aware of the fact that it is a high profile target, with valuable data at stake, and take special care to ensure that defences are in place,” said David Kennerley, Director of Threat Research, Webroot.