Organizations suffer multiple ransomware infections
A new report reveals that organizations are suffering multiple ransomware infections, 18 percent have suffered a ransomware infection 10 or more times in a 24-month period, a further 18 percent were infected five to nine times, and 30 percent were infected between two and four times.
The study from anti-ransomware platform Halcyon also shows that data exfiltration occurs in nearly every major ransomware attack today, and nearly 60 percent of respondents say that sensitive or regulated data was exfiltrated from their organization, with 55 percent reporting the attackers issued an additional ransom demand to protect the exfiltrated data.
In addition 58 percent of victims report that the loss of sensitive data put their organizations at additional risk of regulatory action and lawsuits.
"The C-suite and BoD need to recognize that most of these attacks today are basically data exfiltration attacks with some ransomware sprinkled in, and once the data is exfiltrated the damage is done," says Jon Miller, CEO and co-founder of Halcyon. "Data exfiltration in many cases is a bigger problem for the victim organization than the disruption to operations because, as the report highlights, even if an organization pays the ransomware demand, these criminals still have that data, putting victim organizations and their leadership at heightened risk of lawsuits and regulatory actions."
The study also reveals a disconnect between perception and reality when it comes to prevention and resilience against ransomware and data extortion attacks. 88 percent of respondents say they were somewhat or very confident that their organizations' current security deployments could disrupt an attack before a ransomware payload is delivered, and 85 percent were somewhat or very confident their organizations could quickly resume regular operations following a successful attack.
However, 36 percent were Infected five times or more over the two-year period. Furthermore, 62 percent of organizations hit by ransomware report a major disruption in operations, with 38 percent saying operations were disrupted for at least two months to more than six months. These findings clearly show that organizations are overly confident in their ability to defend against and quickly recover from ransomware attacks.
You can find out more on the Halcyon blog.
Image credit: AndreyPopov/depositphotos.com