New data from security vendor AlienVault shines a light on the real state of ransomware, and how concerned IT organizations are with preparing for and dealing with an attack.
A recent article at AlienVault covered the results of a survey they took at this year’s Black Hat conference around ransomware and other security concerns. Some of the findings reflect that organizations may be overconfident in their ability to prevent attacks:
- 69% say they are prepared (to varying degrees) for an attack
- 17% of organizations have been the victim a ransomware attack
- 42% are willing (again, to varying degrees) to pay the ransom
- Ransomware ranked 5th in a list of 5 security concerns
While there’s no ability to cross-check the raw data, it’s concerning to see over two-thirds of organizations saying they’re “ready” and yet nearly one-fifth have been the victim of an attack (which I can only assume to mean ransomware has infected one or more machines on their network).
Respondents cited security solutions and backups as the two methods of ransomware preparation, with one-third of organizations having over twenty security solutions in place! At a high level, this sounds like organizations are taking the right steps to stop an attack, but it appears that ransomware attacks – which primarily start with phishing attacks – are still happening.
One facet of the security strategy not present in this set of results is the use of Security Awareness Training. Ransomware almost always requires the interaction of a user to click on a malicious link or attachment. Training users to spot suspicious email and web content, and how to avoid being tricked into clicking something they shouldn’t can have a material impact in lowering the risk of successful ransomware attack.