A third of organizations record ransomware attempts weekly. 9 per cent of respondents report attacks more than once a day and 53 per cent of organizations have been victims of a successful ransomware attack in the last 18 months.
17 per cent of respondents who reported an attack in the last 18 months couldn’t identity how the attackers compromised their organizations.
The findings in “2022 Impacts: Ransomware attacks and preparedness” report further highlight an increased level of intrusion and sophisticated cyberattacks.
The three entry points used for these ransomware attacks include email (54 per cent), desktop browsers (49 per cent), and mobile devices at 39 per cent. Other entry points for ransomware attack include social media, USB devices, a breach of physical security, and social engineering.
There are several challenges that prevent companies from adequately protecting their systems and servers from ransomware attacks. 43 per cent of respondents say that employees continue to be the weakest point in their cybersecurity chain.
41 per cent of respondents are worried about ransomware attacks evolving beyond their own knowledge and skills, and 39 per cent are concerned about ransomware attacks that go beyond the capabilities of their organization.
Regarding the way in which they react to ransomware attacks, 45 per cent state that they implement a data backup and recovery plan, 39 per cent work on determining the effects and damages of the attack, 37 per cent quarantine all affected endpoints, 37 per cent inform employees and 33 per cent inform affected customers. 29 per cent claim that they contact the CEO or the board of directors and wait for a response. 10 per cent said they do not know what their first step would be.
Organizations use different tools to combat ransomware attacks. 74 per cent use firewalls, 66 per cent use network perimeter strength, 62 per cent phishing protection and 61 per cent use mobile device protection. 60 per cent use endpoint protection, 59 per cent train employees and 56 per cent employ remote worker protection.
The sources for this piece include an article in TechRepublic.