Ransomware is malicious software that is designed to infect a target’s network and lock data and systems until a ransom is paid. It is an evolving and diversifying threat that can include the theft of sensitive or confidential information and a threat to publicly leak the data unless a ransom is paid. The criminal business model is a lucrative one — often available as a service and accessible to adversaries regardless of their resources or skill level. Our partners at Barracuda shared the March 2023 2023 Ransomware Insights Report with us. Here is a quick synopsis of the findings.
What Businesses Are At Risk?
Every organization is a potential target. Ransomware attacks can cripple day-today operations and customer supply chains, causing chaos and financial losses. They
can destroy company reputations as well as customer relationships.
Our partner, Barracuda conducted an international survey exploring the experience of ransomware attacks on organizations over the last 12 months. The findings show that almost three-quarters (73%) of respondents report being hit with at least one successful ransomware attack in 2022 — and 38% say they were hit twice or more.
How Are Breaches Occurring?
The findings show that for 69% of organizations, the ransomware attack started with a malicious email, such as a phishing email designed to steal credentials to gain access to the network so the cybercriminals can research assets, servers, and databases before ultimately launching the ransomware attack.
Key Report Findings
- Most organizations have experienced a ransomware attack — a third have been hit twice or more
- Repeat victims are more likely to pay the ransom to recover encrypted data
- Email is the most common starting point for ransomware attacks
- Organizations with cyber insurance are more likely to be hit by ransomware
- Many organizations feel they’re not fully prepared for ransomware
How Can You Protect Yourself?
Organizations need integrated and multilayered security to protect their ever-expanding attack surface from evolving threats such as
ransomware. Here are the top cybersecurity areas to focus on to minimize your risk and exposure to ransomware and other cyberthreats
- Protect your credentials. Securing credentials requires a two-pronged approach: First, invest in detection and response tools, and then focus on training your users.
- Secure access to accounts, applications, networks. Multifactor authentication (MFA) remains a best practice and is something that should be adopted by every organization. Consider implementing a more advanced Zero Trust access strategy that continuously verifies users and devices.
- Secure your web applications. Applications are often targeted through the user interface or an API interface.
- Back up your data. To protect your organization from the full impact of a ransomware attack, data needs to be properly and securely backed up and isolated — even when it’s in the cloud.
- Build defense-in-depth with threat intelligence, incident response, and XDR. If you can detect and block the attack at these earlier stages, you might be able to prevent the full impact of the ransomware.
The security industry has an essential role to play in helping organizations address the threat of ransomware through deep, multilayered security technologies, threat hunting and extended detection and response (XDR) capabilities, and effective incident response to spot intruders and close gaps so that attackers cannot find an easy way in. To learn more about Global CTI’s managed data solution and cybersecurity services, call us at 800-366-1711 or email email@example.com.