Traditional endpoint protection ineffective in fighting ransomware

ransomware_keyboard_button_dollar

Ransomware continues to be the most lucrative business model for cyber crime, and a new study indicates that existing endpoint protection methods may not be enough to guard against it.

The survey from security awareness training organization KnowBe4 questioned more than 500 organizations about the current state of their ransomware protection, whether they were a victim of ransomware, the impact of a successful breach and their remediation tactics.

It finds that 33 percent of respondents have experienced a ransomware attack in the past 12 months. More concerning is that 53 percent of organizations that had deployed multiple solutions against ransomware still fell victim to it.

In addition 48 percent of the total number of respondents (72 percent) who had downloaded KnowBe4's ransomware simulator, RanSim, were not able to detect the simulator's behavior, despite their antivirus deployments.

"Ransomware is primarily delivered via a phishing email, which means your users have to be trained to identify it in order to prevent it, making antivirus ineffective at stopping ransomware," says Stu Sjouwerman, CEO of KnowBe4. "It's a simple concept -- if users can learn not to click the link or open the attachment they won’t infect their workstation with ransomware! An important layer in any company's security stack is the last line of defense -- the human firewall that can be trained to detect a phishing email. Once organizations recognize this, their security posture improves dramatically."

Of those respondents impacted by ransomware, on average six endpoints and two servers were affected in a given attack, showing that the general assumption that ransomware takes over only one machine is inaccurate. The larger impact of multiple machines being hit caused an average of 12 hours user downtime and 12 hours of IT investment to remediate the problem.

The majority (94 percent) of businesses surveyed didn't pay the ransom to decrypt their data. Those that did paid at a rate of between three to five bitcoins (respectively $3,780 to $6,300 at today's exchange rate).

You can find out more in the full report which is available on the KnowBe4 website.

Photo credit: Ton Snoei / Shutterstock

© 1998-2020 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.