Kaspersky: 9 Of 10 Orgs Previously Hit With Ransomware Would Pay If Targeted Again

Kaspersky has released a new report, “How business executives perceive the ransomware threat” showing that in 88% of organizations around the world that were previously attacked by ransomware, business leaders would choose to pay a ransom if faced with another attack. Across organizations that have yet to be victimized, only 67% would be willing to pay, and they would be less inclined to do so immediately. Ransomware remains a prominent threat, with nearly two-thirds (64%) of companies already having suffered an attack.

Subscribe
Notify of
guest
3 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Ron Bradley
InfoSec Expert
May 16, 2022 10:25 am

This is a fascinating report with surprising conclusions. A closer look at the respondent pool shows it was conducted with SMBs without input from senior IT leaders, which most likely would have resulted in a much different outcome. That being the case, it\’s important to note, even a SMB such as Colonial Pipeline can cause significant impact on critical infrastructure.

It\’s never a good idea to make a deal with the devil. Those respondents stating they would not contact law enforcement next time they are held for ransomware are doing themselves, and the business community at large, a disservice.

Last edited 1 month ago by Ron Bradley
Rajiv Pimplaskar
InfoSec Expert
May 16, 2022 10:27 am

The Kaspersky report validates that Ransomware protection should remain top of mind for IT and Security executives. While typical sources of ransomware infections are phishing emails, a rising vector of attack is through vulnerable remote access connections. Often VDI and remote desktop environments are utilized not just by work from home users but also system administrators. Many still utilize the RDP protocol that typically runs over port 3389. Such vulnerabilities can be easily detected by a threat actor and exploited using credential stuffing attacks and subsequently lateral movement. 

An updated paradigm for ransomware avoidance is to leverage a modern VPN that abstracts and obscures underlying network resources and endpoints making it impossible to even detect vulnerabilities in the first place. This makes the entire corporate remote access infrastructure invisible to a threat actor and can prevent ransomware and other emerging threats.

Last edited 1 month ago by Rajiv Pimplaskar
Garret F. Grajek
InfoSec Expert
May 17, 2022 1:20 pm

The fact that 88% of businesses would choose to pay the ransomware shows that the IT security community has failed the industry it purports to serve. The lack of confidence against these threats is high. We simply have not accelerated our new IT security methodologies fast enough into the technologies the industry is implementing. Zero Trust and ITDR (Identity Threat Detection and Response) are great concepts and do protect and provide alerts for changes in our environments – but how many have implemented?

Last edited 1 month ago by Garret F. Grajek
Information Security Buzz
3
0
Would love your thoughts, please comment.x
()
x