Kaspersky: 9 Of 10 Orgs Previously Hit With Ransomware Would Pay If Targeted Again

By   ISBuzz Team
Writer , Information Security Buzz | May 17, 2022 05:20 am PST

Kaspersky has released a new report, “How business executives perceive the ransomware threat” showing that in 88% of organizations around the world that were previously attacked by ransomware, business leaders would choose to pay a ransom if faced with another attack. Across organizations that have yet to be victimized, only 67% would be willing to pay, and they would be less inclined to do so immediately. Ransomware remains a prominent threat, with nearly two-thirds (64%) of companies already having suffered an attack.

Subscribe
Notify of
guest
3 Expert Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Garret F. Grajek
May 17, 2022 1:20 pm

The fact that 88% of businesses would choose to pay the ransomware shows that the IT security community has failed the industry it purports to serve. The lack of confidence against these threats is high. We simply have not accelerated our new IT security methodologies fast enough into the technologies the industry is implementing. Zero Trust and ITDR (Identity Threat Detection and Response) are great concepts and do protect and provide alerts for changes in our environments – but how many have implemented?

Last edited 1 year ago by Garret F. Grajek
Rajiv Pimplaskar
May 16, 2022 10:27 am

The Kaspersky report validates that Ransomware protection should remain top of mind for IT and Security executives. While typical sources of ransomware infections are phishing emails, a rising vector of attack is through vulnerable remote access connections. Often VDI and remote desktop environments are utilized not just by work from home users but also system administrators. Many still utilize the RDP protocol that typically runs over port 3389. Such vulnerabilities can be easily detected by a threat actor and exploited using credential stuffing attacks and subsequently lateral movement. 

An updated paradigm for ransomware avoidance is to leverage a modern VPN that abstracts and obscures underlying network resources and endpoints making it impossible to even detect vulnerabilities in the first place. This makes the entire corporate remote access infrastructure invisible to a threat actor and can prevent ransomware and other emerging threats.

Last edited 1 year ago by Rajiv Pimplaskar
Ron Bradley
May 16, 2022 10:25 am

This is a fascinating report with surprising conclusions. A closer look at the respondent pool shows it was conducted with SMBs without input from senior IT leaders, which most likely would have resulted in a much different outcome. That being the case, it\’s important to note, even a SMB such as Colonial Pipeline can cause significant impact on critical infrastructure.

It\’s never a good idea to make a deal with the devil. Those respondents stating they would not contact law enforcement next time they are held for ransomware are doing themselves, and the business community at large, a disservice.

Last edited 1 year ago by Ron Bradley

Recent Posts

3
0
Would love your thoughts, please comment.x
()
x