It appears organizations are losing the war against ransomware despite efforts to improve their system security. SpyCloud’s 2022 Ransomware Defense Report finds enterprise security lacking in areas known to open the door to these attacks. The report found that ransomware affected 90% of organizations in some way over a 12-month period, and it looked at how enterprises can close security gaps and reduce system vulnerability to this devastating malware.
Ransomware by the Numbers
SpyCloud’s report gives an up-to-date look at what organizations risk when ransomware takes hold. While all results are costly in some way, some impact an organization’s future success more than others. On a scale from one to five, with five being most severe, participants rated how a ransomware attack affected them. Most significant were “Exposure of sensitive or proprietary data” at 3.92 and “Damage to brand reputation” at 3.85. Others, like “Loss of revenue due to operational disruptions” at 3.69 and “Hard cost of paying the ransom” at 3.60, still rank above the ultimate loss, “Having to close/shut down the business,” at 3.47.
Hardening Security Ain’t Perfect
Since last year, the report finds many more organizations are boosting MFA (multi-factor authentication), requiring stronger passwords, and monitoring compromised employee credentials. Still, criminals are undermining these efforts. Hackers respond to the increased security procedures by expanding their traditional efforts to circumvent them. New ways of infection, like installing malware on personal devices used for work, are one way of getting past these protections.
Ted Ross, SpyCloud CEO, addresses the security gap organizations face even with expanded security practices: “Organizations may not be aware that undetected malware infections on personal devices represent the riskiest of those gaps. This report shows organizations are spending time and money on solutions that leave sensitive data exposed.”
Malware Fights Back
The undisputed scourge of online security, a malware infection is the essential part of installing ransomware. Different malware is designed with diverse hacking goals in mind, and most can support ransomware infections in some way. For example, there is credential-stealing malware, and there are strains that hijack device or web session cookies and browser fingerprints. They allow a criminal to impersonate an employee, circumvent MFA and other protections, and ultimately install ransomware that encrypts system data.
As SpyCloud’s report finds, there’s currently no silver bullet to entirely prevent ransomware attacks. Until one arrives, a robust security strategy that includes employee cyber-education is always recommended. Since employees are often at the front lines when it comes to defense against cyberattacks, a cyber-smart staffer is an essential part of any organization’s secure environment. When implementing security awareness training for your organization, don’t run it once a year and consider it complete. Threats are changing all the time, and awareness training should be continuous. Even if a threat is active for a short period, another one or even an evolved version of the first one can rear its ugly head at the same time. Cybercriminals don’t stop. Neither should the act of educating your staff.