Security Firm KnowBe4 has just released the first long-time study focusing on the IT industry’s experience with ransomware. In June 2016 they surveyed 1,138 companies in a variety of industries and compared their levels of concern about ransomware in 2014 to 2016. The results were scary.
Huge Jump in ransomware infections from 20% to 37%
The study showed there is growing apprehension over ransomware, rising to 79% from 73% of those who are very or extremely concerned about it. There was a huge jump in companies hit directly by ransomware at 38% in 2016 compared to 20% in 2014. Midsize companies 250 -1000 were the hardest hit at 54%. Two out of three knew someone who was hit at 65% compared to 43% in 2014. IT professionals surveyed were even more concerned that ransomware will continue to grow, scoring 93% over 88% in 2014.
The survey reveals the level of impact that ransomware has had in two years time. The threat of ransomware is very real and IT professionals are increasingly realizing traditional solutions are failing. IT professionals agree that a multi-faceted approach, including encryption, anti-ransomware software, and security awareness training are the most effective security practice to combat ransomware threats.
Nearly half say they would be forced to pay the ransom
Surprisingly, only 40% of those surveyed would fully rely on backup to solve the situation. However, faced with the potential scenario of several weeks of failed backups, nearly half say they would be forced to pay the ransom. This can have a grave impact on organizations as backups fail 50-66% of the time, according to the method used (tape vs cloud).
According to a report by Symantec, 47% of enterprises lost data in the cloud and had to restore their information from backups, 37% of SMBs have lost data in the cloud and had to restore their information from backups and 66% of those organizations saw recovery operations fail.
Their study shows corporate awareness of phishing attacks has increased but users need more help as techniques evolve and criminal exploits become more sophisticated. The overwhelming majority of IT professionals think the criminals behind ransomware should be prosecuted and sent to jail for a long time. We all generally agree, but US law enforcement has no jurisdiction in Eastern Europe where these criminals are largely free to commit their crimes, and we have to rely on our own ingenuity to protect against this threat.
Fill In The Form Below for industry news, and information about our services, events, webinars and more.