Ransomware, Malware, Phishing Top List of Computer Security Issues

According to the Thales 2022 Global Data Threat Report, malware, ransomware and phishing continue to plague organizations worldwide.

The survey of more than 2,700 executives with influence over IT and data security found that one in five (21%) had experienced a ransomware attack in the past year.

The study, which was based on a global survey by 451 Research conducted in January 2022 and commissioned by Thales, also found that data breaches remain high, with nearly a third of respondents experiencing a data breach in the past of the last 12 months.

While the vast majority (79%) of companies remain concerned about the security risks of an increasingly remote workforce, the study found that less than half of companies (48%) have a formal ransomware plan.

The investigation indicated that the severity, frequency and impact of ransomware alters the economics of breaches, because unlike other “low and slow” data breaches that occur over days and months, ransomware capture data immediately and demand quick action.

Nearly a quarter (23%) of businesses surveyed said that financial loss due to penalties, fines and legal fees has been or would be the biggest impact of ransomware. Lost productivity, recovery costs and notification of breaches lagged behind, while more indirect long-term costs such as brand reputation and lost customers were even less of a concern.

Paying the price for ransomware

More than one in five respondents (22%) globally said they had paid or pay a ransom for their data. In the United States, 24% of respondents said they had paid or would be willing to pay.

“Companies may not have a good understanding of the effects of all parties involved, such as cyber insurance underwriters, incident response companies, government regulations, and ransomware attribution,” the report notes.

Thales Technical Director EMEA Chris Harris explained that part of the challenge for organizations is that there is no single product or solution they can implement that will provide them with all-encompassing protection.

“Defense against malware and ransomware should be defense in depth and encompass more than ten distinct approaches, including antivirus, phishing awareness, and data encryption,” he said. “Most organizations are likely to have some protective elements in place, but maintaining a strong protective wall requires investment and focused attention to the problem at hand.

Harris said too few organizations are implementing what experts would consider a comprehensive set of preventive and defensive measures.

“One of the biggest vectors of ransomware is human error; the employee who clicks on a phishing link or the team member who does not question a malicious instruction that they believe to be genuine,” he added. “The best protection against these attacks is preparation; frequent cybersecurity crisis simulation exercises and a strong awareness campaign among their users.

Harris explained that with these elements in place, organizations will be in a better position to identify gaps in their layers of protection and take corrective action quickly.

Tim Wade, deputy technical director at Vectra AI, explained that organizations lack reasonable strategies against ransomware due to a mismatch between expectations and reality.

“Many organizations have failed to realize that ‘ware’ in modern ransomware is a misnomer – modern ransomware has much more to do with a motivated human operator than an instance of malware,” he said. declared. “By the time a malicious solution can deliver any benefit, it may be far, far too late.”

Meanwhile, a sufficiently motivated human operator will take the time to destroy backups, spare capacity, or system redundancy.

“Organizations that want to have a plan against ransomware must have a plan to detect and expel malicious human operators; they need to understand that everyone is at least a target of opportunity, regardless of size, vertical or region,” Wade said.

Cloud data protection management

Additionally, the survey found that the majority (51%) of IT managers agree that managing privacy and data protection regulations in a cloud environment is more complex.

Data visibility was also seen as a key challenge, with just over half (56%) of IT managers feeling very confident or in full knowledge of where their data was stored, compared to 64% l ‘last year. Only a quarter of respondents said they were able to classify all their data.

Even as they face an expanding attack surface, enterprises are deploying even more SaaS technologies as cloud consumption continues to grow at the same rapid rate as last year.

The report found that 34% of respondents said they used more than 50 SaaS applications and more than 16% said they used more than 100 SaaS applications.

Some progress has been made in cloud security, as 22% of respondents said more than 60% of their sensitive cloud data is encrypted, up from 17% in the 2021 study.

Harris said that for an organization to decide what levels of protection and controls to use, it must first be able to discover data wherever it resides and classify it.

This means scanning all on-premises and cloud repositories for structured and unstructured data, which can come in many forms, including files, databases, and big data.

“The path to compliance starts with finding sensitive data before auditors or hackers do,” he noted. “Once an organization knows where its sensitive data is, it must protect that data with measures such as encryption.”

For encryption to successfully secure sensitive data, the cryptographic keys themselves must be secured, managed, and controlled by the organization. Finally, the organization must control access to its data and centralize key management.

“Every data sovereignty or privacy regulation and mandate requires organizations to be able to monitor, detect, control, and report authorized and unauthorized access to data and encryption keys,” Harris said.

Comments are closed.