By Anthony O’Mara, Vice President EMEA, Malwarebytes
Malwarebytes recently sponsored a survey report, entitled “State of Ransomware,” which was conducted by Osterman Research to explore the frequency of ransomware attacks experienced by UK firms, ransom cost, infiltration points, impact, preparedness and more.
The research painted a grim picture for senior UK staff, with the country suffering the highest percentage of ransomware attacks out of all those other countries surveyed – US, Canada and Germany. Highlights of the UK results include:
- Highest number of attacks overall: Senior UK IT staff (54%) suffered the highest number of ransomware attacks despite seemingly being confident in their ability to stop it (87.2%)
- Over half of UK CISOs (58.2%) paid the ransom, the second highest percentage of the international research base and 21 times higher than their US counterparts
- UK companies lose the most money to ransomware: The UK had the highest amount of revenue loss worldwide, with 60% saying the attack cost the company financially, nearly 10x more than US counterparts.
- Senior UK IT staff unsure of the attack’s point of entry: Lowest per cent globally in terms of awareness of which device the ransomware entered the organization through, nearly a quarter (22%) had no idea whatsoever.
- Damage in UK businesses is crippling: Worryingly, the UK had the highest % of ransomware encrypting every single device on the corporate network, with 9% of all organisations suffering total blackout through encryption. In the US and Germany, not a single person suffered from this problem.
- No training in the UK: Despite all this, UK IT managers are least likely to put any kind of ransomware training in place or educate users about how to protect themselves and their organisations.
The full report is available to download here
Ransomware continues to be one of the biggest cybersecurity threats in the world and is on pace to be a $1 billion a year crime. Every week there are fresh ransomware threats with new functionalities and improvements – zCrypt, Peyta, TeslaCrypt and Locky to name but a few. From the research findings above, it is clear that UK companies are struggling to protect and prevent ransomware attacks. How can companies ensure that they stay protected?
There are a number of initiatives that companies can put in place to ensure they don’t fall victim to ransomware. Today’s cybercriminals are not using yesterday’s tactics. Their strategies have evolved but thankfully so have security techniques and best practices.
Top 5 Tips to Secure Your System and Data
- Employ Cloud Backups
- Physical backups are vulnerable to ransomware
- Use a trusted cloud backup
- Make authentication difficult
- Install ‘Anti’ Software
- Protect against exploits
- Protect against malvertising
- Protect against ransomware
- Use ‘No Script’
- Prevent scripts from running in browser
- Circumvent tracking and fingerprinting from malvertising
- Use Multi-Factor Authentication / SSO
- Require multiple factors to log in
- Has one authentication source / SSO
- Has one financial provider
- Utilise Virtual Machines
- Protect all endpoints from infection spreading
- Quick restoration of clean slate
- Quick deployment of common operating environment (COE)
Recognising that a single security layer will also not protect your network from everything. Today’s IT environments differ drastically from those just a decade ago. Not only was malware static and easy to detect, IT departments ruled their data centres in near absolute fashion. In contrast, today’s IT environment has limited ability to control what’s on the network as there are far too many endpoints to manage. Employees access networks using a multitude of mobile devices each with varying operating systems, performing tasks on a variety of client-based and cloud-based applications and visit website containing malware that antivirus software has yet to blacklist.
Antivirus software, along with other perimeter defence solutions, no longer can guarantee protection from the seemingly countless types of malware infiltrating networks. According to Verizon’s “2015 Data Breach Investigations Report,” malware is part of the event chain in virtually every security incident. Moreover, Verizon’s survey points out that between 70 and 90 percent of malware found in breach investigations are unique to the organization that has been compromised. 80 percent of malware is delivered via exploit kits, and 80 percent of subsequent malware infections come as a result of application vulnerabilities.
The first step to improving security is to take a layered approach, one that doesn’t place excessive reliance on a single tool or tactic to stop malware from damaging the network. Included in the robust layered information security framework organisations also need to implement employee education, the deployment of network connection firewall and sandboxes, endpoint security and the creation of crisis response teams.
Malwarebytes is launching new anti-ransomware additions to Malwarebytes Endpoint Security (MBES) that delivers powerful multi-layered defence for smart endpoint protection against malware, and now ransomware.