Ransomware is a type of malicious software designed to block access and encrypt data on your computer until you pay a ransom. As such, the number of major cyberattacks on enterprises is rising month after month. But have companies really been affected by ransomware? What makes an enterprise vulnerable to ransomware? And why are ransomware attacks on the rise?
Pulse interviewed over 300 business decision-makers to find out. Below are the key findings:
Key Findings
57% business leaders believe that their organizations are vulnerable to cyber-attacks.
71% business leaders have already experienced ransomware attacks.
The biggest consequence of a successful ransomware attack is reputational damage, followed by the fear that it could inspire copycat cyberattacks (70%).
37% leaders believe that most organizations are vulnerable to ransomware because they do not have a unified cybersecurity strategy.
Ransomware has been a growing problem for businesses.
The number of ransomware attacks is rising rapidly. In 2021 alone, there were 2,700 cases reported. This trend is largely attributed to the pandemic which saw many people working from home or taking jobs outside their offices, and with hybrid work culture looking set to stay among organizations, ransomware attacks are most likely to stay.
Hence, it is no surprise that most business leaders (three-quarters – 71%) have experienced a ransomware attack.
Despite facing these cyber-attacks, organizations are not seemingly prepared for them with most (57%) believing they will face another one in future too. This expectancy of attack is higher amongst those who have experienced a ransomware attack than those who haven’t (45%). This suggests that most business executives are aware of cyber-attacks and are preparing for the worst.
Paying a ransomware demand isn’t the best option for business leaders.
When businesses are hit by a cyber-attack, they have no choice but to pay a ransom to recover from it. Paying the ransom may seem like a quick way to restore data, but there is always the risk that businesses may not get all of their information back.
According to the report, more than half (54%) of organizations were able to fully recover their data after a ransomware attack. However, of the organizations that paid the ransom, 52% were able to recover their data, while 65% opted not to pay it.
It is clear from the report that most organizations are not in favour of paying a ransom to hackers.
“People are paying, so there is a market. Frankly, I’d rather pay the penalty than pay the criminals.” – VP, large education company
Having a unified cybersecurity strategy is crucial for protecting an organization from ransomware attacks.
Research results show that the main reason organizations fall victim to ransomware attacks is because they lack an integrated cyber security strategy (37%), followed by technology vulnerabilities (21%) and poor risk management strategy (17%).
Respondents identified employees as the main vulnerability to ransomware attacks. The top 2 factors that took them under attack are employee negligence (78%) and social exploitation of employees (78%). It is noteworthy that a lot of business leaders (42%) believe that organizations are still operating legacy infrastructure due to which new ransomware vulnerabilities are being identified and hence, high profile ransomware incidents are being reported in the news.
Furthermore, the survey found that energy infrastructure (79%) and healthcare (72%) are the industries most likely to fall victim to ransomware attacks. The government sector is the third biggest target of ransomware hackers (71%).
Overall, the report shows that traditional cyber security strategies are failing because both technologies and humans make mistakes that create vulnerabilities in their systems – which are avoidable. To prevent ransomware attacks, organizations need to step up their cyber security. They are recommended to use a comprehensive cyber security solution that can effectively detect any advanced ransomware attack and provide timely remediation of the incident.
Assess the level of your security today!
Download the report here.
Read Next: 14% of incidents detected by MDR teams are high severity incidents, says Kaspersky report
