This past Wednesday, LANDESK hosted a webinar entitled “Ransomware: The NSA’s Top 10 Mitigation Strategies (and More).”
On that same day, ZDNet published an article that includes some fascinating—and frightening—findings from a recent survey of 540 CIOs, CISOs, and IT directors conducted by anti-malware specialists Malwarebytes.
Recent ransomware findings:
- 40 percent of the businesses surveyed have suffered at least one ransomware attack in the past year.
- 20 percent of the businesses surveyed “have had to stop operations entirely in the aftermath of a successful data breach.”
- 34 percent of those businesses lost revenue as a result of ransomware attacks.
- 60 percent of enterprise ransomware attacks each demanded a ransom of more than $1,000, and 20 percent demanded more than $10,000 each. Some ransom demands reported by survey respondents exceeded $150,000.
- 63 percent of respondents said it took more than a full business day to install patches and “fix vulnerable endpoints” after a successful attack.
Perhaps most disturbingly, according to Malwarebytes, is that the number of exploit kits including instances of ransomware has increased by 259 percent in the past five months alone. And since exploit kits are designed to make hacking and malware delivery faster and easier, the number and severity of ransomware attacks are both likely headed in the same direction: up.
Given all of the above, it might be timely to assess your own enterprise’s preparedness to deal with ransomware. Fortunately for you, we’re here to help.
In our August 3 webinar, our Chief Security Officer Phil Richards summarized the findings and recommendations included in documents recently released by the U.S. National Security Agency (NSA), independently and in concert with more than a dozen other agencies.
He broke those findings and recommendations into six key areas. Here they are, ranked in order of importance based on poll question responses from webinar attendees.
- User education
- Data backup
- Network hardening
- Email hygiene
- System hardening
- Incident response
As Phil provided details about why each area is important and how best to implement it, I asked webinar attendees to indicate the implementation status of each at their own organizations. For each area, respondents were given four choices: comprehensive, extensive, limited, or none.
Here’s how the responses played out:
Respondents ranked user education as the most important of the six areas. However, more than a quarter of them said that their organizations have no formal user education processes or requirements in place.
This may explain why 52 percent of them said that user education is the anti-ransomware effort they expect to pursue most aggressively in the next six to 12 months.
In contrast, only four percent of respondents plan to pursue incident response most aggressively during the same period.
Given that 53 percent have only limited or no formal incident response processes in place across their enterprises, this could come back to haunt some of them should they experience a ransomware- or malware-driven incident.
If poll respondents from our webinar are indicative, ransomware priorities and preparations are all over the map for many enterprises. Possibly including your own, unless you already have or are moving toward comprehensive implementations across all six areas discussed above and in our webinar.
Otherwise, you should grab the on-demand version of our webinar to get Phil’s detailed and cogent implementation recommendations.
More ransomware resources
And if you aren’t already using LANDESK Security Suite, AppSense Application Manager, or any of our other solutions for stopping ransomware and other threats in their tracks, you should at least be considering them. Contact your LANDESK or AppSense representative, or visit the product pages online to learn more or to request trials or demos. And come back here often to see our latest thinking and recommendations.
Ransomware is a real and growing threat, and we’re here to help you to avoid becoming its next victim.