Half of organizations hit by a ransomware attack are struck multiple times, with exposed infrastructure stretching well beyond the endpoint, according to a new study from Druva.
The security vendor polled over 830 IT professionals across the globe to compile its Annual Ransomware Report.
It revealed that 80% believe attacks are increasing, with half of those already struck claiming that they’d been hit more than once.
What’s more, although unsolicited emails are often the cause of initial infection, exploiting employees’ lack of cyber-savvy, and infecting endpoints (60%), a third (33%) of attacks struck corporate servers and 7% targeted cloud apps.
This drives home the importance of a defense-in-depth strategy to ensure maximum protection from ransomware.
With multiple devices infected in 70% of cases, the report also highlights the value of speed-to-detection.
It’s disappointing, therefore, that IT departments took longer than two hours to detect such threats in 40% of cases.
Druva claimed this highlights the importance of automated threat monitoring and detection systems.
Backing up data is also key, so it’s heartening to find that 82% of respondents claimed to have been able to recover data by restoring from back-up.
It’s important to note, however, that best practice suggests IT teams follow the 3-2-1 rule: three back-up copies on two different media with one back-up offsite.
Druva CEO, Jaspreet Singh, argued the report’s findings illustrate the importance of planning.
“Simply put, protecting data protects your bottom line,” he added. “It’s no surprise that more and more companies are relying on back-up to recover from ransomware attacks. Simple preventative planning greatly mitigates what could otherwise be costly and destructive to data recovery, not to mention devastating to overall business viability.”
This week’s ‘Petya’ outbreak has shown once again the potentially catastrophic effects of ransomware, especially when combined with an effective propagation mechanism.