Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Report: Half of Organizations Have Been Hit by Ransomware

    By
    Sean Michael Kerner
    -
    November 18, 2016
    Share
    Facebook
    Twitter
    Linkedin

      Ransomware attacks are hitting a lot of organizations and many are getting attacked multiple times. According to a study released on November 18 by security firm SentinelOne, over the past 12 months, 50 percent of organizations have responded to a ransomware campaign.

      The study was conducted for SentinelOne by research firm Vanson Bourn and surveyed 500 cyber-security professionals across the United States, U.K., France and Germany. To add insult to injury, the study found that of those organizations that suffered a ransomware attack in the past 12 months, 85 percent stated that they were hit with three or more attacks.

      Jeremiah Grossman, Chief of Security Strategy at SentinelOne, was not all that surprised that the study found such a high percentage of ransomware attacks.

      “Based on various industry reports, we already had a good sense that ransomware losses were fairly high—at least in the hundreds of millions annually,” Grossman told eWEEK. “We also knew the individual ransoms averaged somewhere in between $500-$2,000, with some organizations paying around $20,000 (U.S.).”

      Kaspersky Lab’s IT Threat Evolution Q3 2016 report, for example, found that 821,865 Kaspersky users were attacked by some form of ransomware in the third quarter, which was 2.6 times more than the previous quarter.

      Grossman noted that SentinelOne had assumed that the number of victims across the board had to be fairly large, which the survey helped to confirm.

      “It’s also encouraging that so many organizations were willing to share that they were victimized—this shows that the industry may be starting to overcome the stigma associated with breach disclosure,” Grossman said.

      In terms of how ransomware is getting to organizations, 83 percent of respondents to SentinelOne’s study reported that the attacks came through phishing emails or social media. Additionally, 59 percent admitted that ransomware attackers gained access after users clicked on links found on compromised websites. In terms of data that is most often impacted by ransomware attacks, 52 percent indicated that financial data was most often affected.

      Given that so many ransomware attacks get through to user systems via user actions, such as clicking on links, the simple solution might just be to tell users not to click on things form unknown sources. however, in Grossman’s view, simply advising users to not click isn’t enough.

      “We could instruct users to not click on attachments in email, in fact many have, only to find that the guidance doesn’t work well long-term,” Grossman said. “Eventually, users will make a mistake. We all do.”

      Grossman added that in his personal opinion, users should be able to click on whatever they want, without having to worry about whether it will negatively impact their computing environment.

      “Idealistic as this concept might be, this is the approach we’re reaching towards,” Grossman said.

      Enabling users to click on whatever they want, without falling victim to malware and ransomware is not an easy task. 52 percent of respondents agreed that they have lost faith in traditional cyber-security, such as antivirus.

      “Anti-malware is often something organizations have to buy, whether they have faith in the protection it provides or not,” Grossman said. “So they’ll continue to buy the traditional products until something better comes along, and that’s what we’re seeing now.”

      SentinelOne itself provides a product that aims to limit the risks of ransomware. Grossman noted that if the SentinelOne software is properly installed and configured on the endpoint, his firm has not seen any infections.

      Ransomware operations are often run as large campaigns that only rely on a small number of users to pay-up, to actually be successful. Check Point released a study on August 18 of the Cerber Ransomware family which found that only 0.3 percent of victims paid a ransom.

      Grossman commented that since ransomware distribution doesn’t require much in terms of resources, extortionists will run campaigns back-to-back, track their results and constantly improve their methods.

      One of the most often asked questions when it comes to ransomware is whether or not it makes sense to pay a ransom or to buy security software.

      “It isn’t cheaper to purchase anti-malware products, ransoms tend to be extremely cheap,” Grossman said. “The risk, of course, is that there is no guarantee that the extortionist will hold up their end of the bargain and provide the deception key.”

      Additionally, there’s also the risk that ransomware attackers will come back soon after an initial payment is made, with a second payment demand.

      “Time is money as they say,” Grossman said. “So, it’s better and safer to purchase the best preventative measures you can, biased towards vendors that guarantee performance, and also be prepared for fast detection and recovery.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Avatar
      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×