Ransomware attacks on businesses will become more prevalent than ever in 2017 as malicious hackers become sophisticated—and many companies still aren't prepared to prevent or respond to an attack—according to new research from The Ponemon Institute.
The new study—which includes the results of a survey of 618 IT pros at small and midsize businesses—found that ransomware attacks are getting much easier to launch, thanks to Ransomware-as-a-Service (RaaS), and they're extremely difficult for law enforcement to trace. That's why malicious hackers are leaving other cyberscams behind and turning to ransomware in droves.
Among the survey's key findings:
- 51% of companies surveyed have already experienced a ransomware attack
- Many companies that fall victim to ransomware do not report it to avoid negative publicity
- 66% of respondents rate the threat of ransomware as “very serious,” yet only 13% say they are prepared to prevent a ransomware attack
- 60% of respondents say the volume or frequency of ransomware infections have increased over the last 12 months
- 59% of IT pros believe a successful ransomware attack will have serious financial consequences for their company
The report also found that cybercriminals were most likely to take advantage of spam and phishing emails, social engineering and unsecured websites to unleash ransomware attacks against businesses. And the vast majority of respondents do not believe their companies' antivirus software is enough to protect a company from ransomware. That's why backup and recovery technologies are key.
"Full and accurate backup is a critical ransomware defense," the report reads. "Sixty-eight percent of respondents in companies that experienced a ransomware incident say it is essential (30 percent) or very important (38 percent) to have a full and accurate backup as a defense against future ransomware incidents."