It’s easy to see why ransomware aimed at businesses is such a cash cow for criminals: for every Norsk Hydro and Fujifilm that refuses to pay the ransom, there is a Colonial Pipeline and JBS USA that pays up millions.
A recent Randori survey that polled 400 security decision-makers across the US confirms that impression: among the companies that were hit by ransomware in the past two years, 47% have paid the ransom.
How many have been hit?
According to the same survey, ransomware struck nearly half of businesses within the past 24 months!
The threat is so ubiquitous that 74% of the polled security leaders said that, in this day and age, ransomware is simply a cost of doing business.
Should ransom payments be prohibited or not? The question is so difficult to answer that even the Institute for Security and Technology’s Ransomware Task Force could not provide a definitive opinion.
What to do before and after you’ve been hit?
While the White House urges private sector organizations to implement a number of defenses against ransomware, most of those already hit by ransomware are working on it.
87% of decision-makers in that group have changed their security strategy and 40% are increasing their spend. According to the survey, companies shifted their strategy to increase focus on prevention (51%), resiliency (48%), visibility (47%), and EDR & disaster recovery (46%).
“Faced with a growing onslaught of attacks, security teams are increasingly looking to adopt more proactive and innovative ways to reduce their operational risk from ransomware,” the company noted.
Randori’s recommendations to reduce enterprise ransomware risks include:
- Knowing what’s exposed and hardening the external attack surface
- Finding a solution for blocking phishing attempts
- Hardening the organization’s top targets first
- Testing the organization’s managed detection and response (MDR) and incident response (IR) capabilities, and
- Creating redundancies and backups.