SpyCloud Report: Organizations Unprepared for Ransomware Attacks Despite Confidence in Cyber Defenses

[ad_1]

Austin, Texas – (BUSINESS WIRE) – SpyCloud, the leader in Account Takeover (ATO) prevention, today released its Ransomware Defense Report 2021, an analysis of the threat posed by ransomware attacks perceived by IT security leaders and the maturity of their cybersecurity defenses.

The report found that 81% of respondents rate their security above average or exceptional, but many lack basic cyber hygiene and multi-factor authentication (MFA).

“The loss of data and resources from ransomware attacks can be crippling. While organizations take this threat seriously, too many fail to take basic preventive measures. This report indicates a disturbing misguided belief that countermeasures never fail, or that paying a ransom after an attack always works – they do and they won’t, ”said Ted Ross, CEO and co-founder of SpyCloud. “Ransomware is a real problem and it’s growing, but there are concrete steps companies can take to prepare for it. The proactive implementation of preventive solutions is the key to disrupting ransomware early in the life cycle and successfully containing the damage. ”

Key highlights from the State of Ransomware Report include:

  • Organizations are not optimistic about the ransomware problem. 62% of respondents believe there is likely to be a ransomware incident in the next 12 months.

  • 72% of the companies surveyed were affected by ransomware from August 2020 to August 2021, 13% of them 6-10 times.

  • 79% agree that reports of high profile attacks (including SolarWinds and Colonial Pipeline) “have significantly increased” their company’s concerns about weak or stolen credentials being used by employees and customers.

  • Although compromised credentials are considered a high risk entry point for ransomware attacks, most organizations lack even the simplest methods of storing passwords and authentication.

    • 41% have no requirement for password complexity and only 55.6% have implemented multi-factor authentication (MFA).

Weakening fallible defense mechanisms through proactive prevention

Companies reported the average cost to restore ransomware of $ 1.85 million in 2021, more than double the price of $ 760,000 in 2020. Despite the explosion in ransomware attacks, individuals are still the most the greatest weakness of companies – and their greatest asset in the fight against cyber criminals.

Respondents rated phishing emails with infected attachments or links as the riskiest vector for ransomware attacks, followed by weak or exposed credentials. Surprisingly, cybersecurity budgets were rated as the lowest hurdle for businesses.

However, instead of investing in strategies to address the most common causes of ransomware attacks, organizations have focused their efforts and resources on containing the damage once it occurred. For example, 50.4% have bought ransomware-specific insurance tabs, 36.4% have hired a third-party payment broker, and 30% have opened a Bitcoin account, although experts question the effectiveness of any of these measures.

To stay ahead of cybercriminals, organizations need to focus on containing the most common entry vectors. Dealing with stolen credentials – a leading cause of ransomware attacks – is critical to early interruption of an attack’s lifecycle. This can be achieved by raising staff awareness of phishing emails and the risks of using weak and recycled passwords, as well as implementing MFA.

While better employee awareness, robust authentication, and device security are critical, organizations must recognize that even the strongest defenses are failing. Solutions that monitor the criminal underground for stolen credentials help protect employees and enable companies to take a proactive approach to contain a sophisticated threat.

Detecting stolen credentials and resetting them before criminals can use them to break into corporate networks is the most direct way to fight ransomware before criminals can gain a foothold. To learn more about how SpyCloud can help companies prevent ransomware attacks, visit https://spycloud.com/solutions/ransomware/.

The full Ransomware Defense Report is available for download at https://spycloud.com/resource/ransomware-defense-report-2021/.

Via SpyCloud

SpyCloud protects consumers, employees, suppliers and citizens worldwide from the dangers of a compromised identity. Its solutions make hacked information actionable to prevent fraud and enable a proactive, automated response that negates the value of stolen data before it can be harmed. Its data also supports many popular dark web monitoring and identity theft protection offerings. SpyCloud customers include four of the top ten global corporations, medium-sized businesses, and government agencies around the world. SpyCloud is headquartered in Austin, TX and is home to over 100 cybersecurity professionals dedicated to making the Internet a safer place.

To learn more and get an overview of your company’s exposed data, visit spycloud.com.

[ad_2]