London, UK: SentinelOne announced the findings of a global survey on the business impact of ransomware, conducted by research firm Vanson Bourne. The survey of 500 businesses in the UK, US, France and Germany revealed that in the last 12 months, 48 per cent of organisations have fallen victim to a ransomware campaign, with 81 per cent indicating that they’ve suffered from three or more attacks.
In 94 per cent of cases ransomware has influenced a change of direction: 67 per cent of businesses globally have increased IT security spending and 52 per cent reported they are changing their security strategies to focus on mitigation. Ransomware has caused a significant loss of confidence in existing cyber security techniques. Around two in three respondents (65 per cent) believe that traditional cyber security techniques are ineffective in combatting ransomware and 44 per cent consider antivirus an ineffective solution to the problem. In 22 per cent of cases a senior IT or security professional got fired because of repeated attacks.
According to the survey, 81 per cent of respondents globally that suffered ransomware attacks reported that attackers were able to gain access to their organisation’s network through phishing emails or social media. Half reported that the attacker gained access through a drive-by-download caused by clicking on a compromised website, while 40 per cent stated that the attack came through an infection via botnet.
Employee information (42 per cent), financial data (41 per cent) and customer information (40 per cent) were the types of data most often affected by these attacks. Respondents identified the most likely motives of their attackers as financial gain (54 per cent), operational disruption (47 per cent) and cyber espionage (42 per cent).
According to Tony Rowan, Chief Security Consultant at SentinelOne: “These results point to a significant shift for ransomware - it’s no longer just a tool for cybercrime, but now also a tool for cyber terrorism and espionage.”
He added: “Hackers are gaining access to sensitive assets by tricking users, and this is a problem that cannot be removed with more walls and training,” concluded Rowan. “Security is at a point of crisis, and customers and vendors must both instigate change. There’s an immediate need for a new generation of security technologies that can discover, adapt and stop the new breed of threats as they happen.”
To download the full survey findings, click here. Or to download an infographic, click here.
*Survey Methodology
Vanson Bourne surveyed 500 cybersecurity decision makers at organisations with more than 1000 employees globally in October 2016: 200 in the U.S.; 100 in the U.K.; 100 in France; and 100 in Germany.