Ransomware grows 1,070%, organisations struggle to secure operations
Two-thirds of organisations have been the target of at least one ransomware attack, and the majority are more concerned of a ransomware attack than any other cyber threat.
This is according to Fortinet’s 2021 Global State of Ransomware Report, which also found the majority of organisations are actively preparing for a ransomware attack, including investing in employee cyber training, risk assessment plans, and cybersecurity insurance.
However, the researchers state there's a gap in what respondents view as essential technology solutions for protection, and the technology that can best guard against commonly reported methods to gain entry to their networks.
Based on the technologies viewed as essential, organisations were most concerned about remote workers and devices, with Secure Web Gateway, VPN and Network Access Control among the top choices.
According to Fortinet, organisations placed low importance on segmentation (31%), a critical technology solution that prevents intruders from moving laterally across a network to access critical data and IP.
Similarily, UEBA and sandboxing play a critical role in identifying intrusions and new malware strains, yet both were lower on the list, Fortinet states.
Finally, secure email gateway was identified as important by 33% of respondents, despite the fact that phishing was reported as a common entry method of attackers.
Overall, the top concern of organisations regarding a ransomware attack is the risk of losing data, with the loss of productivity and the interruption of operations following close behind.
To prepare for such an attack, 84% of organisations reported having an incident response plan, and cybersecurity insurance was a part of 57% of those plans.
In regards to paying ransom if attacked, the procedure for 49% was to pay the ransom outright. Another 25% said they would pay depending on how expensive the ransom is. Of the one-quarter who paid ransom, most, but not all, got their data back.
Considering alternatives to paying a ransom, almost all respondents state they view actionable threat intelligence, with integrated security solutions or a platform, as critical to preventing ransomware attacks, and see value in artificial intelligence driven behavioural detection capabilities.
Fortinet EVP of products and CMO, John Maddison, says, “According to a recent FortiGuard Labs Global Threat Landscape report, ransomware grew 1070% year over year. Unsurprisingly, organisations cited the evolving threat landscape as one of the top challenges in preventing ransomware attacks.
"As evidenced by our ransomware survey, there is a huge opportunity for the adoption of technology solutions like segmentation, SD-WAN, ZTNA, as well as SEG and EDR, to help protect against the threat of ransomware and the methods of access most commonly reported by respondents.
"The high amount of attacks demonstrates the urgency for organisations to ensure their security addresses the latest ransomware attack techniques across networks, endpoints, and clouds. The good news is that organisations are recognising the value of a platform approach to ransomware defence.”
Fortinet offers advice regarding ransomware and cybersecurity. The company states that organisations need to recognise the value of investing in technologies such as advanced email security, segmentation and sandboxing, in addition to the mainstays of NGFW, SWG, and EDR, in order to detect, prevent and limit ransomware.
Organisations must also consider and evaluate solutions to reduce risk given todays' ransomware tactics and techniques. According to Fortinet, the most advanced organisations will adopt a security approach for their ransomware protection strategy that is platform-based and provides core capabilities fully integrated with actionable threat intelligence.
They must also be designed to interoperate as a unified system and be enhanced with AI and machine learning to better detect and respond to ransomware threats.