Ransomware Recovery Worries IT Professionals

Tom Jowitt,
ransomware

Security professionals pessimistic of recovery chances amid growing ransomware menace

Security professionals are divided when it comes to confidence regarding their company’s ability to recover from a ransomware attack.

When asked if their company could recover from a ransomware infection without losing critical data, only 38 percent were “very confident” their organisation could do so

This stark conclusion comes after Tripwire surveyed 200 security professionals at the RSA Conference 2016 in late February and early March.

Ransomware Worries

The survey also revealed that the ransomware menace is more of problem for operators of critical infrastructure. Seventy-three percent of respondents said critical infrastructure providers are more vulnerable to ransomware attacks than other organisations.

Ransom, gun, laptop, crime © Tatiana Popova, Shutterstock 2014Earlier this week for example, Methodist Hospital in Kentucky declared an “internal state of emergency” after a Locky ransomware attack.

That attack comes after the Locky ransomware also hit the Hollywood Hospital last month. Unfortunately, that hospital paid bitcoins worth $17,000 (£12,010) in order to get the attackers to unlock their systems,

Read More: How to avoid ransomware and stay safe

Meanwhile the Tripwire survey also highlighted the worry for security professionals about the ability of senior management to detect threats.

More than half (fifty-two percent) of respondents said they are not confident their executives could spot a phishing scam. Meanwhile fifty-eight percent said their company has seen an increase in spear phishing over the past 12 months.

“The decision to pay a ransom comes down to the confidence and financial cost of recreating or restoring data from a previous backup,” said Travis Smith, senior security researcher for Tripwire.

“Since most ransomware samples we have seen have a time limit to pay, it’s important to have confidence that you can restore the majority of data on short notice,” said Smith. “Organisations should focus on improving backup and restoration procedures to reduce the cost of restoring data and services after a potential breach.”

Growing Menace

Ransomware is a growing menace and typically infects an individual or organisation via a malicious email attachment.

Trend Micro warned earlier this month that had been more ransomware-related infections in February this year, compared to the first six months of last year in total. It therefore predicted that 2016 could see the largest number of ransomware attacks on record.

Last week Dell SecureWorks warned that hackers who previously carried out attacks on behalf of the Chinese Government may now be behind a number of recent incidents involving ransomware.

Even Apple, which has until recently enjoyed a relatively good security reputation, has been targeted by ransomware. Palo Alto Networks found a ransomware campaign, dubbed “KeRanger” hidden in a BitTorrent installer for software called Transmission, which allows Mac users to download videos, music and software via a peer-to-peer network.

Unfortunately it seems that many businesses pay the ransom. Bitdefender found that that 44 percent of ransomware victims in the UK have paid to regain access to their data. The company believes this figure will rise in the coming years, with 39 percent of victims saying it is probable or very probable that they will be attacked again in the future.

It found that victims are typically willing to pay up to £400 to recover their encrypted data.

Are you a security pro? Try our quiz!