Keeper Security, Ivanti Surveys Highlight Weaknesses in Ransomware, Phishing Defense
More security awareness training is needed to combat ransomware and phishing.
Mark Cravotta is Keeper Security’s chief revenue officer.
“It was particularly surprising to see that although organizations responsibly disclosed the attack to partners and customers, 26% didn’t disclose the attack to the public,” he said. “This shows that the disclosures that are made public don’t necessarily provide a full picture of the number of organizations impacted by ransomware. This can be counterproductive in that cybercriminals prefer to stay out of the public eye so as not to draw attention to their activities, especially with law enforcement. This trend may change in the near future given the new privacy laws and government regulations stressing the importance of full transparency, especially for any personally identifiable information (PII) leaked.”
The true cost of being targeted by a ransomware attack isn’t just financial, according to Keeper Security. In fact, 83% said their organization performed major tech updates following the attack. Of that group, 71% felt the updates negatively impacted their productivity and ability to carry out daily tasks. An additional 64% permanently lost login credentials or important documents as a result, further proving that significant security updates need to be installed as soon as possible. Unfortunately, this still tends to happen only after the fact: 87% of impacted companies enacted strict security protocols following the attack.
Although ransomware attacks can never be 100% prevented, there are steps organizations can take to limit the risk of these attacks, Cravotta said.
“Implementing security measures like multifactor authentication (MFA) makes an organization much less likely to be targeted, as they are harder to access,” he said. “Cybercriminals are much more interested in the low-hanging fruit where they can access networks without additional security protocols. Unfortunately, 62% of respondents said their companies implemented MFA post-attack — a move that is necessary, but in this instance, too little, too late.”
Additionally, it’s crucial for organizations to perform regular system backups, enabling them to recover data after a ransomware incident, Cravotta said. This is helpful in the event of a catastrophic system outage and damage caused not only by cyberattacks, but by natural disasters, too. It’s important to store backups on separate systems, since backups themselves are often targeted as part of a ransomware attack, rendering them useless.
“With all of this said, it’s important to keep in mind that the first line of defense are your employees,” he said. “Train your employees to avoid phishing and other scams, especially since many ransomware payloads are delivered in phishing emails.”
Other notable statistics from the Keeper Security research include:

- Eighty-seven percent of impacted companies enacted stricter security protocols after the attack.
- Seventy-seven percent reported being unable to access systems or networks as a result. Some 30% were down for a day or less, 26% were offline for up to seven days and 27% were knocked out for more than a week.
- Forty-two percent of ransomware attacks originated from phishing emails, 23% from malicious websites and 21% from compromised passwords.
“While 29% of employees were unaware of what ransomware was prior to their employer being hit with a ransomware attack, a majority knew about these types of attacks and the impact they can have,” Cravotta said. “The more awareness that can spread about cyber safety among employees at any organization, the more these attacks can be prevented in the future.”
According to Ivanti’s survey, 80% of respondents said they have witnessed an increase in the volume of phishing attempts and 85% said those attempts are getting more sophisticated. In fact, 73% of respondents said their IT staff had been targeted by phishing attempts, and 47% of those attempts were successful. Smishing and vishing scams are the latest variants to gain traction and target mobile users.
Hackers are exploiting enterprise security gaps in the everywhere workplace, in which remote workers are using mobile devices more than ever before to access corporate data. Thirty-seven percent of respondents cited a lack of both technology and employee understanding as the main causes for successful phishing attacks.
Ivanti’s Chris Goettl said phishing is a good example of a cybersecurity challenge that requires multiple layers of security.
“Phishing will target a user to attempt to convince them to give up sensitive information or execute malicious code,” he said. “A phishing attack can target a user through email, websites, links [and] QR codes, and any of these can occur on desktops, laptops or mobile devices. To defend against phishing attempts, a company should be implementing security training [and] anti-phishing in both the email solution and on the mobile device. Mobile devices are the last mile of phishing attacks, so organizations need to implement on-device phishing protection that can detect and remediate attacks across all mobile threat vectors, including text and SMS messages, instant messages, social media and other modes of communication, beyond just corporate email.”
Organizations also need to implement a comprehensive zero trust security approach that incorporates security measures that focus on users, devices, applications, access, and the ability to continuously observe and act on insights that indicate changes in risk to any of these elements.
The Ivanti survey also found the effects of phishing attacks have been exacerbated by IT talent shortages. More than half of respondents claimed their organization has suffered from staff shortages in the past year. And of those respondents, 64% confirmed under-resourcing is the cause of longer incident remediation times.
With fewer members of staff, the ability to mitigate security issues swiftly has been vastly reduced. Any downtime caused by a security incident costs an organization money and damages productivity. Furthermore, 46% cited increased phishing attacks as a direct result of staff shortages.
“Organizations should eliminate passwords, which are the primary point of compromise in phishing attacks,” Goettl said. “Organizations should replace passwords and login credentials with more secure modes of access, such as biometrics. The No. 1 goal of phishing attempts is to gain access to user credentials. If there is no password to compromise, the impact of phishing attempts is significantly reduced.”
New research by Keeper Security and Ivanti shows organizations have a long way to go in protecting themselves from ransomware and phishing attacks.
Before their organization suffered an attack, nearly one-third of employees had never heard of the word ransomware. That’s according to Keeper Security’s new 2021 Ransomware Impact Report.
The report goes on to confirm that the entry point for about half of ransomware incidents was a phishing email. That’s a frightening indication of how lack of awareness remains an Achilles heel for too many organizations. After surveying 2,000 U.S. employees, the report looks at the crippling domino effects felt by companies targeted by ransomware attacks.
Remote Work Increases Phishing Attacks
And speaking of phishing, Ivanti’s new survey shows the global shift to remote work has exacerbated the onslaught, sophistication and impact of phishing attacks. Ivanti surveyed more than 1,000 enterprise IT professionals across the United States, United Kingdom, France, Germany, Australia and Japan.
Nearly three-quarters of respondents said their organizations have fallen victim to a phishing attack in the last year. Furthermore, 40% confirmed they have experienced one in the last month.
Chris Goettl is Ivanti’s senior director of product management.
“These findings demonstrate that anyone can be tricked into tapping a link, and divulging their username and password by a sophisticated social engineering attack,” he said.
Many respondents blamed successful attacks on a lack of understanding, according to Ivanti. Furthermore, only 30% said the majority of employees actually completed the cybersecurity awareness training their company offers.
Our slideshow above features more on the Keeper Security and Ivanti research findings.