Industry experts agree that ransomware is more a case of ‘when’ rather than ‘if’ and yet many businesses have not taken steps to protect themselves from this growing threat that can cripple finances and reputations.
The title of this blog is not meant to be alarmist. It is based on a survey of 3,542 global technology professionals in which respondents reported a 76% increase in cyber-attacks. Meanwhile, in the UK, 22% of the number of security incidents reported to the Information Commissioner’s Office in the first six months of 2021 were ransomware. This was double the number for same period in 2020.
VMware’s survey also revealed that 78% of the respondents said cyber-attacks had increased due to employees working remotely and 79% said attacks had become more sophisticated. They also reported 2.35 breaches a year with eight out 10 of the incidents requiring a report to regulators or the involvement of an incident response team. In other words, these were not considered a minor incident.
Along with ransomware, the top three causes of cyber breaches were third-party apps and out-of-date security technology. The survey also revealed that email continues to be the most popular way for hackers to gain access to corporate networks.
The pandemic seems to have ignited cyber criminal’s enthusiasm for breaches. NHS chief information officers have reported a surge in cyber-attacks on hospitals and health centres. The UK’s National Cyber Security Centre (NCSC), working in partnership with NHS Digital, responded to more than 200 major cyber-attacks* related to COVID-19 in the first months of the pandemic...just when the entire service could have done with a break!
In addition, the VMware Threat Analysis Unit noted a 900% increase in ransomware over the first half of 2020 and revealed that ransomware was the most commonly experienced attack type in Germany, France, the US, the UK, the Nordics and Japan.
All these statistics, and there are many more, all paint a rather bleak picture, but businesses cannot afford to ignore them...and yet many do. It is surely wiser to invest money in security rather than paying more for a ransomware demand. And it’s not just financial loss, the survey revealed that 75% of those that had suffered a cyber-attack also experienced a negative impact on their reputation.
So, what can businesses do to protect themselves? Engage with experts! If you have lost confidence in your current IT support provider or do not want to overload your in-house team, then seek out another one that will look at your business, your workforce and your current security set-up and design a solution that will give you the visibility and protection it needs.
The IT landscape has changed. Businesses have moved from having workstations connected to on-premise servers, protected from internet intrusion by a firewall, to a more sprawling model where staff work from home and access cloud services. A holistic approach is needed to ensure security tools are up to date and cover every device no matter where they are being used.
Education is key too. While your IT team may be responsible for security, all staff should do their bit to remain vigilant against attack particularly via email.
We offer a managed IT service to alleviate the strain being felt by businesses not only trying to avoid ransomware and other cyber-attacks, but to get control over their IT estate. Do not hesitate to contact me if I can be of any help with your IT needs. In the meantime, take a look at the survey. It makes interesting reading.
*Raconteur: Healthcare CIOs battle COVID cybercrime