About 55% of organizations in a recent survey were compromised by ransomware in 2017, down from 61% in 2016.
Imperva’s CyberEdge Group's fifth annual Cyberthreat Defense Report polled 1,200 IT security decision makers and practitioners from 17 countries, 6 continents, and 19 industries. Respondents who were victimized by ransomware and who elected to pay the ransom (usually in Bitcoin) were asked whether they successfully recovered their compromised data. Surprisingly, only half confirmed successful data recovery, while the other half acknowledged complete data loss.
Out of the companies that refused to pay the ransom, a full 87% recovered their data.
“Just over half of the survey respondents admitted that following a ransomware infection they still lost their data even though they paid the fine,” said Terry Ray, CTO, Imperva. “This highlights the reality that there is no guarantee a company will get their data back if they pay the ransom. Companies therefore need to stop ransomware attacks from the very beginning, before the encryption of data takes place. The best way to prevent an attack is to immediately detect ransomware file access behaviors before the ransomware spreads across the network and encrypts file servers. Once detected, you can quarantine impacted users, devices and systems.”
Respondents also revealed that a lack of skilled personnel is the greatest inhibitor for organizations trying to defend adequately against cyber-threats. The IT security skills shortage varies little by organization size, both in terms of the overall level of impact and the impact by role.
One of the most significant changes in this year’s report is the fall of insider threats: from 3rd to 10th.
“This statistic does raise a red flag, because while concern over insider threats has decreased over the last year, organizations should not overlook the threat as it is still very real,” said Ray. “To protect against insider threats, organizations can depend on solutions that leverage machine learning to analyze patterns in user behavior and detect insider threats at a much greater speed than humans.”