Friday, 7th August 2020

Businesses lack ransomware emergency plans

Despite increase in cases during lockdown, one-in-five admit they couldn’t access a working backup of their data if required.

Ontrack has revealed that four-in-ten (39%) of organisations either have no ransomware emergency plan in place or are not aware if one exists. This is despite more ransomware attacks being recorded in the past 12 months than ever before[1].

Cyberattacks and data breaches can have serious implications for organisations in terms of downtime, financial damage and reputation of the business. Ransomware attacks that seek to encrypt a victim’s data and demand a fee to restore it continue to be prevalent. Unfortunately, the damage caused can be severe and widespread. The largest ransomware attack to date – WannaCry – was estimated to have affected more than 200,000 computers across 150 separate countries. Ransomware today is rife and has been exacerbated by the current work-from-home trend.

One-in-five (21%) of the survey respondents said they had experienced a ransomware attack, and of those, over a quarter (26%) admitted they couldn’t access any working backup after the attack. Even when organisations could access a working backup, 22% of them could either only restore a partial amount of data or none at all.

In most countries, employees have been working under a completely different set of parameters for a couple of months; ones where new security risks are high and where cybercriminals are finding new ways to exploit any weaknesses they can find.

“We have seen a sharp increase in the number of ransomware cases since lockdown began,” comments Philip Bridge, president of Ontrack, LLC. “Unfortunately, this is at a time when more distractions at home have led to an increased amount of complacency by staff. For example, clicking on ransomware- infected links that they wouldn’t click if they were in the office.”

Whilst there are numerous benefits, the remote working seen during lockdown can leave a business’s IT network and systems vulnerable. It adds a huge number of endpoints to organisations that may not have been there previously. Plus, many of them are considered ‘shadow IT’ and have not been vetted by the employer.

“The threat of ransomware has never been greater. The fact that only 39% of respondents to our survey have an emergency plan in place for a ransomware attack is shocking. They are gambling with their and their customer’s data. It is imperative, now as ever, to ensure your organisation has processes and procedures in place to mitigate the impact of any cyber-attack and protect sensitive data,” adds Bridge.

Yet only four out of 10 security leaders in the UK can answer the question, “How secure, or at risk,...
Half of first-time security analysts working in Security Operations Centres (SOCs) plan to leave aft...
Featuring on-premises, controllable enterprise proxy to securely monitor and process automated certi...
LogRhythm has released its report, The State of the Security Team: Are Executives the Problem? The s...
New release brings cloud-native attacks and vulnerabilities to the forefront of the SOC, gives enter...
New research from email security firm Tessian reveals why people make mistakes, how blurred lines be...
The SonicWall Capture Labs threat research team has published the mid-year update to the 2020 SonicW...
BSA | The Software Alliance is pleased that the decision by the European Court of Justice (ECJ) uphe...