by Bharat Mistry
It’s hard to overestimate just what a major impact ransomware is having on UK organisations. And yet anecdotal evidence suggests there is still widespread ignorance in the business world about exactly what it entails, how it works, and what can be done to halt its spread. That’s why Trend Micro recently commissioned a major study on the topic, which we hope will help uncover the truth about ransomware, its impact on the UK and how to prevent it.
Launched at the CLOUDSEC UK conference in London this week, the research tells us that a staggering 44% of British organisations have suffered a ransomware infection over the past two years. It’s time IT security teams got serious about what is now a major threat.
Behind the headlines
Judging by the responses of over 300 IT decision makers in large UK organisations, it’s clear that firms need to focus their efforts on taking preventative measures, because once it has found its way onto the network, ransomware can cause significant damage. In fact, those targeted by such an attack claimed that it affected on average one third of their employees and almost the same percentage (31%) of customers. And it took an estimated 33 man hours on average to fix the problem.
The average sum requested was £540, although this figure jumped to over £1,000 in one in five cases. Given the post-Brexit challenges facing many organisations today, few can afford to succumb to costly ransomware infections – especially considering the potential industry fines, damaged reputation and lost revenue that can follow.
It’s important that organisations resist the urge to pay up. Why? Because for one thing it will encourage the black hats to continue with their campaigns. But also because you might still not get your data back. In the Trend Micro research a significant 20% paid the ransom but then found they couldn’t access their mission critical files.
So what should IT decision makers do to fortify their organisation against attacks?
Back-up files: Regular back-ups mean you can face down your attacker with confidence. Ensure you do this via the 3-2-1 rule: at least three copies, in two different formats, with one copy off site/offline.
Educate users: Ensure staff know not to click on anything suspicious or open attachments in unsolicited email.
Layered protection: Most ransomware attacks the organisation via the web/email gateway or endpoint. But there’s an increasing need to defend servers and networks against new strains. A layered approach to security will help.
Network segmentation: This will reduce the chances of ransomware spreading throughout the organisation.
Application control: Taking a whitelist approach means anything non-sanctioned can’t run on your systems, further reducing the chances of a successful ransomware infection.
Trend Micro has discovered 79 new ransomware families already this year, a 179% increase on the figure for the whole of 2015. And 69% of IT decision makers believe they’ll be targeted in the next 12 months. So think fast and start planning now to avoid becoming yet another ransomware statistic.