According to a recent report, two-thirds of organizations have been the target of at least one ransomware attack. Read on to know more…
The 2021 Global State of Ransomware Report was released by Fortinet. According to the survey report, ransomware is more of a concern for most organizations than other cyberthreats. While the majority of organizations surveyed said they are prepared for a ransomware attack, including employee cyber training, risk assessment plans, and cybersecurity insurance, there was a clear divide between what many respondents viewed as essential technology solutions for protection and the technology that can best guard against the most commonly reported methods of gaining access to their networks.
Rajesh Maurya, the Regional Vice President, India & SAARC at Fortinet said, “According to a recent FortiGuard Labs Global Threat Landscape report, ransomware grew 1070% year over year. Unsurprisingly, organizations cited the evolving threat landscape as one of the top challenges in preventing ransomware attacks. As evidenced by our ransomware survey, there is a huge opportunity for the adoption of technology solutions like segmentation, SD-WAN, ZTNA, as well as SEG and EDR, to help protect against the threat of ransomware and the methods of access most commonly reported by respondents. The high amount of attacks demonstrates the urgency for organizations to ensure their security addresses the latest ransomware attack techniques across networks, endpoints, and clouds. The good news is that organizations are recognizing the value of a platform approach to ransomware defense.”
Organizations were most concerned about remote workers and devices, based on the technologies deemed critical, with Secure Web Gateway, VPN, and Network Access Control among the top picks. While Zero Trust Network Access (ZTNA) is still in its early stages, it should be considered a viable alternative to traditional VPN technology. The low importance of segmentation (31 percent), a critical technology solution that prevents intruders from moving laterally across the network to access critical data and IP, was the most concerning finding. Similarly, UEBA and sandboxing are important for detecting intrusions and new malware strains, but they were ranked lower on the list. Another surprise was the secure email gateway, which received 33 percent of the vote, despite the fact that phishing was reported as a common entry method for attackers.
Organizations are more concerned about data loss
The risk of losing data was the top concern of organizations when faced with a ransomware attack, followed by the loss of productivity and the disruption of operations. Furthermore, 84 percent of organizations reported that they have an incident response plan, with cybersecurity insurance making up 57 percent of those plans. When it comes to paying a ransom in the event of an attack, 49 percent of respondents said they would pay the ransom in full, while another 25 percent said it would depend on how much the ransom costs. Most, but not all, of the one-quarter of those who paid the ransom received their data back.
Concerns About Ransomware Are Consistent Across the Globe
While the concerns on ransomware were fairly uniform across the board, there were significant geographical disparities. EMEA (95 percent), Latin America (98 percent), and APJ (Asia-Pacific/Japan) (98 percent) respondents were just marginally more apprehensive about ransomware attacks than their North American counterparts (92 percent). Data loss is the top risk linked with a ransomware attack in all regions, as is the fear of being unable to keep up with an increasingly sophisticated threat landscape. APJ, on the other hand, cites a lack of user awareness and training as their primary concern. In comparison to 59 percent in North America and 58 percent in EMEA, respondents in APJ and Latin America were more likely to have been victims of a ransomware attack in the past (78 percent). Phishing lures were a common attack vector across the world, whereas in APJ and LatAm, Remote Desktop Protocol (RDP) exploits and open vulnerable ports were the top attack vectors.
Intelligence and Integration – Top Priority
Almost all respondents believe that actionable threat intelligence integrated with integrated security solutions or a platform to preventing ransomware attacks, and that Artificial Intelligence (AI)-driven behavioural detection capabilities are valuable.
While almost all respondents said they are moderately prepared and plan to invest in employee cyber awareness training, the survey shows that organizations must recognize the value of investing in advanced email security, segmentation, and sandboxing, in addition to the mainstays of NGFW, SWG, and EDR, to detect, prevent, and limit ransomware. Given today’s ransomware methods and strategies, it’s critical that organizations consider and evaluate these solutions in order to reduce risk. The most advanced organizations will use a platform-based security approach for ransomware protection strategy that provides core capabilities that is completely integrated with actionable threat intelligence. To effectively detect and respond to ransomware threats, they must be designed to interoperate as a unified system and augmented by AI and Machine Learning (ML).