"The prevalence of ransomware in particular has heightened awareness and made cyber security a more urgent issue for a wider range of businesses...businesses in sectors that may not expect to be targeted are falling victim to costly ransomware attacks."
One IT manager at a civil engineering business said it would use the two ransomware attacks the company had faced to encourage the business to invest in new security software. Another company in construction said a disruptive ransomware attack caused its technology team to lose around two weeks of productivity and output.
The survey quoted one executive who said that ransomware had made it easier to show senior managers the scale of the threat if multiple devices could be incapacitated, "and to move business attitudes away from the stereotype of bedroom hackers, to focus more on criminal activity".
"Such attacks also highlight the inherent value of the data that businesses hold, beyond personal or financial data -- with attacks on any kind of data potentially stopping businesses from carrying out day-to-day work and putting relationships with customers at risk."
Other cyber threats
Despite the massive impact that ransomware can cause, it's not the top cyber threat faced by UK business. As per the survey, the most common types of breaches are related to staff receiving fraudulent emails (72%), followed by viruses, spyware and malware (33%) people impersonating the organization in emails or online (27%) and ransomware (17%).
Just under 50% of UK businesses suffered one security breach in the last year, the report said, and four in ten of those said this lead to an outcome such as a temporary loss of files or network access (23%) or systems becoming corrupted (20%). Six in ten of those who identified breaches also said it adversely impacted their organisation, for example through being forced to implement new protective measures (38%) or having staff time taken up dealing with the breach (34%).
Among the 46 percent of businesses that detected breaches in the last 12 months, the survey found that the average business faces costs of £1,570 as a result of these breaches, rising to £19,600 for the average large firm.
F-Secure just published a ransomware timeline infographic which is very interesting. The link goes to a hi-res version.
PS: The "hightened awareness" recommendation is a great way to manage the ongoing problem of social engineering by stepping users through new-school security awareness training. Get a quote now and find out how affordable this is for your organization. You will be pleasantly surprised.
Don't like to click on redirected buttons? Copy/Paste this link in your browser: