IT knows ransomware is a risk, but companies can’t stop it

Nothing’s worse than knowing a storm is coming but being unable to do anything about it. That’s how it feels to be a security pro staring down the imminent threat of ransomware right now. 

A new study by the Ponemon Institute and online backups provider Carbonite shows that IT pros recognize the threat of ransomware, but feel their organizations are ill-suited to deal with it. Two-thirds (66%) said that ransomware is a serious threat, but only 13% said their companies could prevent it.

That could be because ransomware takes so many forms, from compromised databases to phishing attacks and more. The most common vectors for successful attacks were:

  • phishing or social engineering (43%)
  • insecure or spoofed websites (30%)
  • malvertisements (15%), and
  • social media (8%).

And part of the problem would seem to be the disconnect between those who handle security and those whose expertise lies elsewhere in the business.

Conflicting views

One example: 59% of respondents said ransomware attacks would have serious financial consequences for their organization. Yet nearly as many said that their companies believed they were too small to be the target of a ransomware attack.

That, of course, isn’t true. Small businesses are targeted just as much as anyone else. And in fact 48% of SMBs paid the ransom.

And often forgotten in ransomware cases is that the costs aren’t limited to the ransom itself. Whether or not you pay, an attack carries significant costs. According to the survey, companies affected by ransomware incurred costs from:

  • investing in new security solutions (33%)
  • downtime affecting the bottom line (32%)
  • losing customers (32%)
  • diminished reputation (24%)
  • lost customer data (23%), and
  • replacing equipment (22%).

All told, 86% of respondents wound up with at least some financial losses from these incidents.

Have a plan in place

Regardless of your personal or company stance on ransomware, it’s important to have a plan in place before the deadline arrives.

Part of that will be having backups for all business-critical data. Among those who didn’t pay the ransom, having backups was the most common reason for holding out (42%). Other reasons included not needing the ransomed data or not believing that payment would actually result in its return.

But just know the clock will be ticking: Almost half (48%) of the victims had less than two days to pay, and only 16% weren’t given a timeline to decide.

So if you’re going to have a clear-headed response, get started now, and at least know who will be making the decisions and what those decisions might include.