Ransomware Becomes a Pandemic
There is a lot of news being generated about the ongoing pandemic. But another pandemic is sweeping the world – ransomware.
Rise of Ransomware
Fortinet’s 2021 Ransomware Survey Report reveals a more than 1000% surge in ransomware between July 2020 and June 2021.
According to the report:
- Two thirds of organizations have been targeted by ransomware.
- One in six companies have been hit at least three times.
- 94% expressed concern about the threat of a ransomware attack, with 76% being very or extremely concerned.
- 85% are more worried about a ransomware attack than any other cyber threats.
- 62% consider the top concern of organizations concerning ransomware is the risk of losing data.
- 38% said loss of productivity and 36% said the interruption of operations were their top concerns.
- 36% of respondents said the growing sophistication of the threat landscape was among their top five challenges in preventing ransomware.
- Lack of user awareness and training about cybersecurity hygiene came in at 32% and the difficulties of securing “work from anywhere” employees at 31%.
Despite these statistics, there appears to still be complacency about the problem. Researchers found that despite the volume of attacks and their regular success, 96% of respondents feel at least moderately prepared.
Digging in deeper, however, the survey found that less than half of the respondents have a strategy that includes such things as network segmentation (48%), business continuity measures (41%), a remediation plan (39%), testing of ransomware recovery methods (28%), or red team/blue team exercises (13%) to identify weaknesses in security systems.
What is to be done to combat ransomware? 91% plan to invest in more employee cyber awareness training. That’s a smart approach as people tricked into clicking on malicious links and attachments is a primary line of ransomware incursion. But that isn’t enough. Survey respondents said that also look to areas such as threat intelligence, embedded artificial intelligence (AI) for behavioral detection, Secure Web Gateways, VPN, Network Access Controls, and offline backup as key areas of defense.
Perhaps the simplest, most basic, and perhaps the most effective technology upgrades that should be done to minimize the chances of attack are patch management and vulnerability scanning. This one-two punch of vulnerability scanning and patch management provides an essential defensive barrier against most potential incursions. When supported by good user training to proof employees up against phishing attacks and other social engineering scams, organizations are in a strong position to avoid the scourge of ransomware and other malware-borne ills.
How Syxsense Helps
The Syxsense vulnerability scanner is not only a complete security management package, it is automated, repeatable, and generates quick results, delivering security and safety in a timely manner. With security scanning and patch management in one console, Syxsense Secure is the only product that not only shows you what’s wrong, but also deploys the solution.
It offers visibility into OS and third-party vulnerabilities like defects, errors, or misconfigurations of components, while increasing cyber resilience. And it is fully integrated with automated patch management software that lets you easily manage unpatched vulnerabilities with the click of a button.
Syxsense includes patch supersedence, patch roll back, and a wealth of automation features. In addition, it provides a three-hour turnaround for the testing and delivery of new patches as well as technology to send software and patches across the wire once, using peer-to-peer within the network for local distribution.