Ransomware Poses Evolving Threat to Enterprises in 2017, Report Finds

A research report by Trend Micro and Information Security Media Group finds that enterprises are ill-prepared to defend themselves from ransomware threats.

Hackers are actively targeting companies, the Trend Micro and ISMG data shows. In fact, in 2016, 53 percent of responding companies said they had been victims of a ransomware attack. That figure could grow in the coming year as more ransomware threats come online.

One of the problems with ransomware is that many targeted companies don’t realize they’re under threat until it’s too late. More than 4 in 10 companies said they don’t know how often their networks are being targeted by ransomware creators, effectively making it difficult to fight attacks until it’s too late.

Despite more than half of companies surveyed facing ransomware in 2016 and many admitting they wouldn’t know when they’re being attacked, 59 percent of corporate security leaders said their existing ransomware defenses are “above average or superior.” Trend Micro said in a statement that there is a “disconnect between the perception of organization security defenses and the number of effective ransomware attacks.”

Unfortunately for companies, there’s little chance of ransomware slowing down anytime soon. In fact, Trend Micro found that an average of 10 new ransomware families cropped up each month in 2016. That means each month companies need to worry about 10 more threats than they faced in the previous month.

Although not all companies know how often they’re being attacked with ransomware, those that do know shared some staggering statistics on just how much they need to worry about threats. Nearly 20 percent of companies said that they were hit by ransomware attacks at least 50 times per month in 2016.

Employees continue to be a problem for companies trying to fend off ransomware. A whopping 60 percent of companies surveyed said employees are the primary vehicle by which hackers try to penetrate a network and lock it down.

Keeping a close eye on the corporate website might be important: The report found that 65 percent of ransomware finds its way into the network via compromised websites, according to Trend Micro. In many cases, the ransomware flows from the website to an employee’s email, where a malicious link is clicked and the company finds itself in trouble.

Ransomware obviously can be costly if companies decide to pay the ransom to hackers to unlock their networks. However, 59 percent of respondents said that ransomware’s greatest consequence is business disruption. Another 28 percent of respondents said that ransomware also can cause reputational damage that troubles their businesses.

In 78 percent of cases, companies are using data backup and recovery to sidestep ransomware attacks. The idea is that should data is compromised and deleted off the network by a hacker, it can be restored quickly from a backup. Thanks to this methodology, just 23 percent of ransomware victims actually paid a ransom in 2016.

Trend Micro and ISMG say hackers know companies typically protect themselves by using data backup and recovery. So they’ve changed tack and are exploiting weaknesses before data can be backed up and restored. The companies recommend a multilayered response to ransomware by protecting email, websites, endpoints, networks and servers in addition to data backup and recovery.