Skip to main content
close search
site logo
Dive Brief

IT defenses fail to prevent ransomware attacks: report

Published July 20, 2021
Katie Malone's headshot
Associate Editor
Illustration of locks layered above circuity.
Traitov/iStock/Getty via Getty Images

First published on

Cybersecurity Dive

Dive Brief:

  • Traditional defenses against ransomware are falling short, according to Cloudian's 2021 Ransomware Victims Report, released Thursday. Half of organizations (49%) reported having perimeter defenses in place prior to a successful ransomware attack. 

  • Despite 54% of organizations conducting anti-phishing training, one-quarter (24%) of ransomware attacks used phishing as the point of entry. Cloudian surveyed 200 IT decision-makers in the U.S. whose organizations experienced a ransomware attack in the last two years. 

  • On average, victims of ransomware attacks experienced just over three days of downtime, while 10% of respondents reported a week or more of downtime, the survey found. Thirty percent described the impact of the ransomware attack as "severe."

Dive Insight:

As ransomware attacks continue to penetrate businesses, security professionals are finding historically reliable defenses can still be breached by malicious actors. Executives are preparing to mitigate when an attack strikes, not just focused on prevention. 

Planning ahead for a ransomware attack, with an incident response team prepared to jump into action, can help the business limit the amount of damage caused by the hack. A key part of that plan is isolating systems to curb disruption. 

"Oftentimes what customers do in the case of a ransomware attack or other attacks is they try and get that control system isolated as quickly as possible because the damage that could happen in the OT world can be way more and way more long lasting compared to IT," Mark Carrigan, COO of PAS, said during a webinar hosted by Flore Albo LLC last week.

Consider the Colonial Pipeline attack. After attackers deployed the DarkSide ransomware on its IT infrastructure, the pipeline disconnected its OT systems to silo the attack and prevent further damage. This method can be applied to other attacks, as businesses can unplug to prevent the spread while assessing the damage. 

But ransomware attackers are becoming savvier, targeting vendors and third parties to spread malware to unsuspecting secondary victims. The infection and resulting damage trickle from the single source into unsuspecting networks. 

"What the ransomware attackers have figured out is: Go slow and increase profitability over time," Steve Katz, former CISO of Citibank, said at the event. On average, companies paid $223,000 on ransoms and an additional $183,000 recovering from ransomware attacks, according to the Cloudian survey. 

Combating ransomware has become an expensive, uphill battle for security professionals that they can't fight alone. "The only way we can get ahead of it is to stop it at the source," Katz said. 

Recent federal government orders and actions attempt to stop ransomware at its source — but will require private sector coordination along the way.

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Newgen and Fadata Join Forces to Optimize Insurance Content Management
From Newgen Software
November 13, 2024
NeuBird Named a Cool Vendor in the 2024 Gartner® Cool Vendors™ in IT Operations Leveraging Gen…
From NeuBird
November 11, 2024
Viz.ai Wins Prestigious Prix Galien USA Award for Best Digital Health Solution
From Viz.ai
November 12, 2024
Legion Technologies Partners with Vail Resorts to Expand Workforce Management Across 37 Resort…
From Legion Technologies
November 19, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell