A Mimecast survey has found that there has been a dramatic rise in ransomware attacks over the past 12 months, with large enterprises bearing the brunt – experiencing an average of 10,000 attacks over the past two years.
The new research report, named State of Ransomware Readiness: Facing the Reality Gap, is based on a global survey of 742 cyber security professionals and found that cyber security leaders are facing challenges related to technology, people and processes.
The shift to remote work brought on by the COVID-19 pandemic has resulted in numerous new devices to protect, leaving organisations more vulnerable to ransomware through unsecure networks.
While many Australian organisations claim to be prepared for an attack, many lack basic preparation such as backups of files and regular patching. This is despite an overwhelming majority (87 per cent) of Australian executives believing their company is very or extremely prepared for an attack.
The percentage of local organisations that have fallen victim to attacks and then reported them to either law enforcement or data privacy agencies is also low, which shows that a business mindset shift will be needed if and when mandatory reporting, as outlined in the Ransomware Action Plan, comes into effect. Notably, over half (55 per cent) of Australian executives believe they could lose their job as a result of a ransomware attack.
Key Australian data from the Mimecast State of Ransomware Readiness Report:
- Forty-three per cent of Australian companies regularly apply patches or keep systems up to date and 53 per cent of Australian companies require multi-factor authentication;
- Australian companies are significantly more likely (42 per cent) to have legal action taken against them than any other country;
- Nearly half of Australian executives would also like additional resources for more frequent security awareness training of end-users (40 per cent) and up-to-date security systems (38 per cent); and
- Only 7 per cent of Australian executives paid a ransom; however, 69 per cent of them paid the ransom in full, which is the highest globally.
Underscoring the importance of ensuring systems are updated to prevent ransomware attacks, Mimecast’s Threat Centre recently reported the resurfacing of a threat actor known for spreading malware such as Trickbot and BazarLoader, which are known to result in ransomware attacks.
The new twist on similar malware attempts delivers spam referencing a customer complaint that may trick users into clicking on what appears to be a legitimate link, taking advantage of a feature Microsoft introduced a few months ago, which allows end users to install Windows 10 apps from a webpage.
Additional data Mimecast has gathered via their State of Ransomware Readiness Report has found that:
- Respondents cited phishing emails with ransomware attachments (54 per cent), web security (47 per cent), and phishing emails leading to a drive-by download (45 per cent) as primary sources of ransomware attacks;
- Only 45 per cent reported they have file backups that would allow them to avoid having to pay the ransom, or to mitigate damage from an attack;
- Forty-five per cent would like a budget to fund more up-to-date data security systems;
- Forty-six per cent of executives want more frequent security awareness training for end-users; and
- Forty per cent of respondents want greater sharing of threat data.
Responding executives were evenly split when it comes to paying the ransom: 41 per cent did not pay, 39 per cent did, and 13 per cent of organisations negotiated their payments down.
The Mimecast data also revealed that ransoms vary widely across the globe:
- Australia - $79,857 (USD$59,066)
- Canada - CAD$6,666,220 (USD$5,347,508)
- Germany - €171,203 (USD$197,727)
- South Africa - R3,261,352 (USD$213,884)
- United Kingdom - £628,606 (USD$848,377)
- United States - USD$6,312,190
Finally, Mimecast researchers have found that ransomware attacks are widespread and prevalent, with 80 per cent of organisations targeted, experiencing an average of 3,000 attacks over the past two years, or four per day.