Ransomware Poses Evolving Threat to Enterprises in 2017, Report Finds

Ransomware Poses Evolving Threat to Enterprises in 2017, Report Finds
Companies Are Constantly Under Attack
Not All Companies Recognize the Signs of an Attack
IT Might Be Overestimating Defense Strength
New Ransomware Families Emerge Monthly
Some Companies Are Being Pelted
Employees Are Unwitting Allies of Ransomware Distributors
Closely Guard Corporate Website
Ransomware Is Costly Even If Hackers Don't Get Paid
How Most Companies Protect Themselves
How Companies Should Protect Themselves
1 of 11

Ransomware Poses Evolving Threat to Enterprises in 2017, Report Finds

A research report by Trend Micro and Information Security Media Group finds that enterprises are ill-prepared to defend themselves from ransomware threats.

2 of 11

Companies Are Constantly Under Attack

Hackers are actively targeting companies, the Trend Micro and ISMG data shows. In fact, in 2016, 53 percent of responding companies said they had been victims of a ransomware attack. That figure could grow in the coming year as more ransomware threats come online.

3 of 11

Not All Companies Recognize the Signs of an Attack

One of the problems with ransomware is that many targeted companies don’t realize they’re under threat until it’s too late. More than 4 in 10 companies said they don’t know how often their networks are being targeted by ransomware creators, effectively making it difficult to fight attacks until it’s too late.

4 of 11

IT Might Be Overestimating Defense Strength

Despite more than half of companies surveyed facing ransomware in 2016 and many admitting they wouldn’t know when they’re being attacked, 59 percent of corporate security leaders said their existing ransomware defenses are “above average or superior.” Trend Micro said in a statement that there is a “disconnect between the perception of organization security defenses and the number of effective ransomware attacks.”

5 of 11

New Ransomware Families Emerge Monthly

Unfortunately for companies, there’s little chance of ransomware slowing down anytime soon. In fact, Trend Micro found that an average of 10 new ransomware families cropped up each month in 2016. That means each month companies need to worry about 10 more threats than they faced in the previous month.

6 of 11

Some Companies Are Being Pelted

Although not all companies know how often they’re being attacked with ransomware, those that do know shared some staggering statistics on just how much they need to worry about threats. Nearly 20 percent of companies said that they were hit by ransomware attacks at least 50 times per month in 2016.

7 of 11

Employees Are Unwitting Allies of Ransomware Distributors

Employees continue to be a problem for companies trying to fend off ransomware. A whopping 60 percent of companies surveyed said employees are the primary vehicle by which hackers try to penetrate a network and lock it down.

8 of 11

Closely Guard Corporate Website

Keeping a close eye on the corporate website might be important: The report found that 65 percent of ransomware finds its way into the network via compromised websites, according to Trend Micro. In many cases, the ransomware flows from the website to an employee’s email, where a malicious link is clicked and the company finds itself in trouble.

9 of 11

Ransomware Is Costly Even If Hackers Don't Get Paid

Ransomware obviously can be costly if companies decide to pay the ransom to hackers to unlock their networks. However, 59 percent of respondents said that ransomware’s greatest consequence is business disruption. Another 28 percent of respondents said that ransomware also can cause reputational damage that troubles their businesses.

10 of 11

How Most Companies Protect Themselves

In 78 percent of cases, companies are using data backup and recovery to sidestep ransomware attacks. The idea is that should data is compromised and deleted off the network by a hacker, it can be restored quickly from a backup. Thanks to this methodology, just 23 percent of ransomware victims actually paid a ransom in 2016.

11 of 11

How Companies Should Protect Themselves

Trend Micro and ISMG say hackers know companies typically protect themselves by using data backup and recovery. So they’ve changed tack and are exploiting weaknesses before data can be backed up and restored. The companies recommend a multilayered response to ransomware by protecting email, websites, endpoints, networks and servers in addition to data backup and recovery.

Top White Papers and Webcasts