Story image

False sense of security plagues organisations threatened by ransomware

By Catherine Knowles, Wed 22 Dec 2021

Two thirds of security professionals believe ransomware and terrorism threats are equal. This is according to new research from Venafi, which is based on a global survey of more than 1,500 IT security decision makers.

Other key findings include the following.

Over two thirds (67%) of respondents from organisations with more than 500 employees experienced a ransomware attack over the last 12 months, a figure that rose to 80% for respondents from organisations with 3,000-4,999 employees.

Although more than a third (37%) of respondents would pay the ransom, more than half of this group (57%) would reverse that decision if they had to publicly report the payment.

In coming months, this may become a requirement as various legislation is passed in different countries, such as the Ransomware Disclosure Act, a U.S. Senate bill.

Despite the rising number of ransomware attacks, more than three quarters (77%) of respondents say they are confident the tools they have in place will protect them from ransomware attacks.

Australian IT decision makers have the most confidence in their tools (88%), compared with 71% in the U.S. and 70% in Germany.

Overally, 22% believe paying a ransom to be 'morally wrong'. Of those breached, 17% admitted they paid the ransom, with U.S. respondents paying most often (25%) and Australian companies paying least often (9%).

The study also shows that most organisations are not using security controls that break the ransomware kill chain early in the attack cycle, the researchers state.

Many ransomware attacks start with phishing emails that include a malicious attachment, but 21% restrict the execution of all macros within Microsoft Office documents.

Less than a fifth (18%) of companies restrict the use of PowerShell using group policy, and only 28% require all software to be digitally signed by their organisation before employees are allowed to execute it.

Commenting on the findings, Venafi vice president ecosystem and threat intelligence Kevin Bocek says, “The fact that most IT security professionals consider terrorism and ransomware to be comparable threats tells you everything you need to know - these attacks are indiscriminate, debilitating and embarrassing.

"Unfortunately, our research shows that while most organisations are extremely concerned about ransomware, they also have a false sense of security about their ability to prevent these devastating attacks.

"Too many organisations say they rely on traditional security controls like VPNs and vulnerability scanning instead of modern security controls, like code signing, that are built into security and development processes.”

Venafi is a cybersecurity company specialising in machine identity management, securing machine-to-machine connections and communications.

Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, SSH, code signing, mobile and IoT.

The company provides global visibility of machine identities and the risks associated with them for the extended enterprise - on premises, mobile, virtual, cloud and IoT- at machine speed and scale.

With more than 30 patents, Venafi is focused on delivering solutions for organisations and government agencies throughout the globe.

Recent stories
More stories