Almost one-third of ransomware attacks in the previous year resulted when hackers gained access to the networks of businesses through phishing mails or social media websites. This statistics were part of the research report compiled by a digital security firm, SentinelOne. It shows that human factor is still the single largest reason for the continuation and success of ransomware attacks.
According to the report, in half of such attacks, recklessness of employees made the infiltration of ransomware operators successful. In few cases, the guilty employees also paid the attackers on their own to restore ransomware files.
Migo Kedem is the director of product management at SentinelOne. He is of the thought that awareness regarding ransomware has comparatively increased in last couple of years, but still many don’t know how to spot a carrier of this malicious code on the web (phishing mails, bad links, drive-by downloads etc).
He also thinks there is more noise on ransomware attacks instead of actual awareness measures from the businesses to effectively equip their employees against them.
An Insider Threat
Kedem has also pointed towards an insider threat of ransomware attacks for enterprises. As per him, memory-only codes, script and browser-based infiltration of ransomware is possible from within the organization.
The report also provides a perspective on the losses incurred by UK companies in ransomware attacks. In last 12 months, companies affected by ransomware attacks experience losses of nearly £600,000 on average.
The research also noticed a trend of cyber-insurance among EU-based organizations. More enterprises are getting cyber premiums because they don’t want to get fined under the General Data Protection Regulation of the European Parliament, which will come into effect from May 25, 2018.
Report also indicates that paying attackers to restore ransomware files doesn’t pay off. Many companies reported that the perpetrators asked for the 2nd installment of ransom. In some cases, they didn’t even perform the ransomware decrypt after receiving the payment.
SentinelOne also advises enterprises to take proactive approach against ransomware attacks by replacing their network security from conventional antivirus programs to next generation endpoint protection.
For assistance on file recovery, please contact MonsterCloud Cyber Security experts for a professional ransomware removal.
