Ransomware Still Plagues Organizations Despite Feeling Prepared for an Attack



mobile-ransomware-filecoderCNew data from security vendor AlienVault shines a light on the real state of ransomware, and how concerned IT organizations are with preparing for and dealing with an attack.

A recent article at AlienVault covered the results of a survey they took at this year’s Black Hat conference around ransomware and other security concerns. Some of the findings reflect that organizations may be overconfident in their ability to prevent attacks:

  • 69% say they are prepared (to varying degrees) for an attack
  • 17% of organizations have been the victim a ransomware attack
  • 42% are willing (again, to varying degrees) to pay the ransom
  • Ransomware ranked 5th in a list of 5 security concerns

While there’s no ability to cross-check the raw data, it’s concerning to see over two-thirds of organizations saying they’re “ready” and yet nearly one-fifth have been the victim of an attack (which I can only assume to mean ransomware has infected one or more machines on their network).

Respondents cited security solutions and backups as the two methods of ransomware preparation, with one-third of organizations having over twenty security solutions in place! At a high level, this sounds like organizations are taking the right steps to stop an attack, but it appears that ransomware attacks – which primarily start with phishing attacks – are still happening.

One facet of the security strategy not present in this set of results is the use of Security Awareness Training. Ransomware almost always requires the interaction of a user to click on a malicious link or attachment. Training users to spot suspicious email and web content, and how to avoid being tricked into clicking something they shouldn’t can have a material impact in lowering the risk of successful ransomware attack.


Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransomware-simulator



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews