A recent survey of IT decision makers at 540 organizations in the United States, Germany, Canada and the United Kingdom revealed that nearly 50% have been attacked with ransomware within the last year.
The survey, which was conducted by Michael Osterman of Osterman Research, also revealed some staggering—and depressing—statistics regarding the impact of ransomware and just how vulnerable businesses are to attack.
I called Osterman to discuss the size and scope of the international malware epidemic and to find out what companies need to do to protect their data and avoid falling victim to cybercriminal schemes. Here are some excerpts from that conversation:
When you were looking at the survey results, what jumped out at you?
Michael Osterman: We asked people about a lot of different types of attacks. For example, we asked people if they experienced email phishing attacks, spear phishing attacks, CEO fraud emails, ransomware, malware, etc. and we found that the vast majority of companies have had some type of an attack within the last 12 months.
What about companies that are investing in preventive measures?
Osterman: One of the things that was really interesting is that for a lot of companies the situation is really not getting any better. Companies have invested lots of money in anti-malware technologies and anti-ransomware technologies and yet more than half of companies report that things are either getting worse or staying about the same. Some are reporting that things are getting better, but most are not.
What are some things businesses can do to improve the situation and protect their data?
Osterman: For starters, focus on good technology, which I think most companies are doing. But also start to do more around good threat intelligence. That means really looking at where these attacks come from and being proactive in taking that threat intelligence and applying it to blocking incoming traffic. If you use good threat intelligence from companies like DomainTools and others, you can start to identify where these potential attacks are coming from and you can block it right at the firewall. That will cut out some percentage of the potential phishing attacks, potential malware incursions and so forth.
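The workflow Osterman describes (take a threat-intelligence feed, check inbound traffic against it, and turn the matches into perimeter blocks) is easy to prototype. The script below is an added example, not something from the interview or from any vendor named in it. The feed format, the log format, the indicator values and the nftables-style rule syntax are all assumed or constructed for illustration; the indicators are documentation-range addresses and a reserved test domain, not real indicators of compromise.

```python
"""Match inbound-traffic log entries against a threat-intelligence feed and
emit firewall block rules for the indicators it contains.

Added example (not from the interview). The feed format, log format and
rule syntax are assumptions; all indicator values are constructed.
"""
import ipaddress
import re

# Constructed feed: one indicator per line, '#' starts a comment.
# Real feeds would be fetched from the provider and refreshed on a schedule.
THREAT_FEED = """
# constructed indicators, not real IoCs
198.51.100.0/24
203.0.113.77
malicious-example.test
"""

# Constructed firewall/DNS log lines in an assumed key=value format.
LOG_LINES = [
    "2024-05-01T10:00:01Z src=203.0.113.77 dst=10.0.0.5 proto=tcp dport=443",
    "2024-05-01T10:00:02Z src=192.0.2.10 dst=10.0.0.5 proto=tcp dport=25",
    "2024-05-01T10:00:03Z src=198.51.100.200 dst=10.0.0.9 proto=tcp dport=22",
    "2024-05-01T10:00:04Z src=10.0.0.8 dst=10.0.0.5 proto=udp dport=53 qname=cdn.malicious-example.test",
    "2024-05-01T10:00:05Z src=192.0.2.11 dst=10.0.0.5 proto=tcp dport=443",
]


def parse_feed(text):
    """Split a feed into IP networks (single hosts become /32) and domains."""
    networks, domains = [], set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        try:
            networks.append(ipaddress.ip_network(line, strict=False))
        except ValueError:
            # Anything that is not an IP or CIDR is treated as a domain name.
            domains.add(line.lower().rstrip("."))
    return networks, domains


def domain_matches(name, domains):
    """True if name equals, or is a subdomain of, any blocked domain."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in domains)


_KV = re.compile(r"(\w+)=(\S+)")


def match_logs(log_lines, networks, domains):
    """Return (log line, reason) pairs for entries that hit the feed."""
    hits = []
    for line in log_lines:
        fields = dict(_KV.findall(line))
        src = fields.get("src")
        qname = fields.get("qname")
        reason = None
        if src:
            addr = ipaddress.ip_address(src)
            net = next((n for n in networks if addr in n), None)
            if net is not None:
                reason = f"src {src} in {net}"
        if reason is None and qname and domain_matches(qname, domains):
            reason = f"dns lookup for {qname}"
        if reason:
            hits.append((line, reason))
    return hits


def block_rules(networks):
    """Emit one drop rule per bad network (nftables-style syntax, assumed)."""
    return [f"add rule inet filter input ip saddr {n} drop" for n in networks]


if __name__ == "__main__":
    nets, doms = parse_feed(THREAT_FEED)
    for line, why in match_logs(LOG_LINES, nets, doms):
        print(f"HIT ({why}): {line}")
    print("\n".join(block_rules(nets)))
```

Two points a practitioner would keep in mind when moving from this prototype to production: feed entries age out and some carry false positives, so rules should be tied to the feed's own expiry and reviewed rather than appended forever, and the domain check only covers traffic where the name is visible (DNS or proxy logs), so it complements rather than replaces the address-based block at the firewall.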
What else should companies do?
Osterman: Invest in good security awareness training. This is something that we've been looking at for a few years now and we've found that [companies that offer security awareness training at least once per year] are 75% less likely to get infected than companies that do it less frequently. Training is not foolproof, but it's a good first line of defense for a lot of organizations. If you can get users not to click on that link or not to open that attachment, you've gone a long way toward solving the problem.