79 percent of organizations are confident in their ransomware defenses
A new report from SpyCloud shows that while 79 percent of organizations say they are confident in their ransomware defenses, 81 percent were affected at least once in the past 12 months.
The study also shows that infostealer infections preceded 22 percent of ransomware events for North American and European ransomware victim companies in 2023. 76 percent of infections that preceded these ransomware events involved the Raccoon infostealer malware.
"Ransomware is a malware problem at its core, and there's a clear pattern emerging that shows
infostealer malware is directly leading to ransomware attacks," says Trevor Hilligoss, senior director of security research at SpyCloud. "Organizations that fail to address malware-stolen authentication data risk more than just ransom costs, as harm to brand reputation, disruption to business operations, and resource drain can be equally or more detrimental than the ransom itself."
Over 98 percent of respondents agree that better visibility and automated remediation of malware-exfiltrated data would improve their ability to fight against ransomware. Organizations have shifted their approach in the past year though, moving away from user awareness and training and toward technology-driven countermeasures such as automating the remediation of exposed passwords and session cookies, implementing multi-factor authentication (MFA), and leveraging passwordless authentication such as passkeys.
"Despite organizations' understanding of malware, security teams still lack visibility into the
authentication data exposed by infections -- and as such fail to consistently remediate stolen
credentials and cookies as a means of preventing the account takeover and session hijacking
attacks that lead to ransomware," adds Hilligoss. "While MFA, automation, and passwordless
technologies are important precautions, none of them are infallible."
The full 2023 Ransomware Defense Report is available from the SpyCloud site.