Vanson Bourne, a research company, has published a report on the nature of ransomware attacks entitled “The State of Endpoint Security Today”. The report has revealed that victims of ransomware attacks are highly likely to become repeat victims. The report further shows that the healthcare industry is at the greatest risk of suffering multiple ransomware attacks within a year of the original attack. The report was commissioned by Sophos, an online security company.
Vanson Bourne surveyed 2,700 IT managers in organizations of 100 to 5,000 users across the US, Canada, Mexico, France, Germany, UK, Australia, Japan, India, and South Africa. The results were often startling; of the organisations surveyed, 54% were victims of one or more ransomware attacks in the last year. These organisations suffered an average of two attacks each in the twelve-month period.
As well as addressing the frequency of ransomware attacks, the report also looked into their financial consequences. The median financial impact per affected organisation amounted to $133,000 (including ransom paid, downtime, rectification costs, etc.). The financial impact for the top 3% of organisations suffering a successful ransomware attack was between a staggering $6.6 million and $13.3 million.
The report has shown that the healthcare industry was the top target for ransomware attacks (76% of respondents), followed by energy (65%), professional services (59%), and retail (58%). About 77% of attacked organisations were running up-to-date endpoint security at the time of the attack. However, although the vast majority of organisations had up-to-date security systems, 54% of organisations had not implemented specific anti-ransomware technology, despite the evident threat.
The healthcare industry spends a huge amount of money each year in an attempt to protect its systems from cyberattacks. In spite of this, healthcare organisations are more often victims of ransomware attacks than organisations in any other industry. The authors of the report believe this is because healthcare is perceived as a soft target by cybercriminals due to having an ageing IT infrastructure and restricted resources for improving IT security. Healthcare organisations are also considered to be more likely to pay a ransom, due to the highly sensitive information that they hold about their patients and the public outcry if it were to get out.
The results of the survey imply that healthcare organisations are spending their limited IT budgets on the wrong kind of security defenses. Nearly 60% of respondents said their current cyber defenses are insufficient to contend with the growing complexity of ransomware attacks. In spite of the increasing danger that ransomware attacks pose, only 31% of respondents expect to be victims of a ransomware attack in the future.
The senior vice president and general manager of products at Sophos, Dan Schiappa, said: “Ransomware is not a lightning strike – it can happen again and again to the same organisation. Cybercriminals are deploying multiple attack methods to succeed, whether using a mix of ransomware in a single campaign, taking advantage of a remote access opportunity, infecting a server, or disabling security software.”
Cybercriminals are finding ways around the endpoint security implemented by many organisations. In response to the threat, healthcare organisations should review all their IT infrastructure to identify potential vulnerabilities. In addition to implementing software security solutions where required, special attention should be given to users connecting to healthcare networks in order to ensure they are aware of the threat from ransomware.