Apprehension over ransomware is growing rapidly, rising to 73 percent from 48 percent of those who are very or extremely concerned about it, according to a survey from security awareness training company KnowBe4.
If confronted with a scenario where backups have failed and weeks of work might be lost, an astounding 57 percent of those polled said they would begin with paying the $500 ransom and hope for the best.
Confidence in email and spam filtering effectiveness dropped from 88 percent to 64 percent, and the survey found if faced with 4 hours of lost work from ransomware encryption, 81 percent would rely on backup.
The survey revealed 88 percent of the 300 IT professionals surveyed expect ransomware to increase the rest of the year, with 47 percent feeling email attachments pose the largest threat.
Meanwhile, IT pros indicated they are feeling less protected, as confidence in endpoint security dropped from 96 percent in January to 59 percent.
“We thought it would be interesting to use the same questions to see what impact ransomware has had in six months time. We found the threat of ransomware is very real and IT professionals are increasingly realizing traditional solutions like endpoint security are failing,” Stu Sjouwerman, CEO of KnowBe4, said in a statement. “IT pros agree that end-user security awareness training is one of the most effective security practices to combat these ransomware threats.”
KnowBe4 recommends frequent training to keep employees aware and feels so confident about the effectiveness of their program that they will cover its customer’s crypto-ransom if they get hit.
According to a report by EMA, more than half (56 percent) of employees still receive no security awareness training, and the programs that do exist are not all the same.
“It appears the Russian cyber-mob has picked a highly profitable business model. Our study shows the overwhelming majority of IT pros think the criminals behind ransomware should be prosecuted and sent to jail for a long time,” Stu Sjouwerman, CEO of KnowBe4, said in a statement. “We agree, but U.S. law enforcement has no jurisdiction in Eastern Europe where these criminals are largely free to commit their crimes.”
Most IT managers rely on backup to get out of a tight spot, but 57 percent agree that if their backup fails, they would be forced to pay the ransom.
The report warned that this can have a grave impact on organizations as backup fails 50-66 percent of the time, according to the method used (tape versus cloud).
According to a similar report by Symantec in 2013, 47 percent of enterprises lost data in the cloud and had to restore their information from backups, 37 percent of small and midsize businesses have lost data in the cloud and had to restore their information from backups and two-thirds of those organizations saw recovery operations fail.