SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
4 in 5 ransomware attacks include threats beyond data encryption
Thu, 13th Apr 2023
FYI, this story is more than a year old

New research has revealed that 78% of ransomware attacks include threats beyond data encryption.

Menlo Security has shared results from the CyberEdge Group’s 10th Annual Cyberthreat Defense Report, highlighting the growing importance of browser isolation technologies to combat ransomware and other malicious threats. 

Threat actors know today’s employees spend most of their time working in their web browser, making it both a critical business asset and an attractive attack vector if not properly protected. More than half (51%) of respondents use some form of browser or Internet isolation to protect their organisations, with another 40% planning to deploy this type of technology in the next 12 months. Furthermore, 33% of respondents noted that browser isolation is a key element of their cybersecurity strategy for protecting against sophisticated attacks such as ransomware, phishing and zero-day attacks.

This growing focus on browser security is validated by CDR findings that four in five respondents said that when victimised by ransomware attacks, which are often delivered through the browser, they faced the consequences of multiple threats if they did not pay the ransom. 

These multi-level attacks included threats to publicly release exfiltrated data (40%), notify customers/media of a data breach (42%) or commit a DDoS attack against the organisation (42%).

“Evasive web threats, including Highly Evasive Adaptive Threats (HEAT), often come through the web browser and easily bypass multiple layers of detection in prominent security technology, resulting in malware, compromised credentials, and, many times, ransomware,” says Mark Guntrip, senior director of cybersecurity strategy at Menlo Security. 

“The CDR shows that the risk of ransomware delivered via a HEAT attack is becoming even more serious, with multiple threats in one payload. Preventing it is critical and browser isolation technologies are a highly effective way to do so.”

This year’s CDR notes browser isolation as an up-and-coming technology that allows employees to perform activities such as accessing websites, opening emails and downloading documents in an isolated environment in the cloud. Because the browser session is isolated, any malware, ransomware or other threats are unable to reach corporate systems, negating the effectiveness of even sophisticated attacks.

“It’s exciting to see browser isolation technologies embraced by CDR respondents, in part because they’re designed to improve security without affecting the end user’s experience at all,” says Steve Piper, founder and CEO of CyberEdge Group. “We think that we’ll all be hearing more about the importance of this type of technology in the future.”

In November 2022, 1,200 IT security decision makers and practitioners completed a 27-question online survey. Each participant was employed by a commercial or government entity with a minimum of 500 employees. Participants came from six geographic regions: North America, Europe, Asia Pacific, the Middle East, Latin America, and Africa. The CDR gauges perceptions about cyberthreats and ascertains future plans for improving security and reducing risk. It empowers IT security professionals to benchmark their company’s security posture, operating budget, product investments, and best practices against peers in their industry and geographic region.