Cyberattacks and data breaches can have serious implications for organisations in terms of downtime, financial damage and reputation of the business. Ransomware attacks that seek to encrypt a victim’s data and demand a fee to restore it continue to be prevalent. Unfortunately, the damage caused can be severe and widespread. The largest ransomware attack to date – WannaCry – was estimated to have affected more than 200,000 computers across 150 separate countries. Ransomware today is rife and has been exacerbated by the current work-from-home trend.
One-in-five (21%) of the survey respondents said they had experienced a ransomware attack, and of those, over a quarter (26%) admitted they couldn’t access any working backup after the attack. Even when organisations could access a working backup, 22% of them could either only restore a partial amount of data or none at all.
In most countries, employees have been working under a completely different set of parameters for a couple of months; ones where new security risks are high and where cybercriminals are finding new ways to exploit any weaknesses they can find.
“We have seen a sharp increase in the number of ransomware cases since lockdown began,” comments Philip Bridge, president of Ontrack, LLC. “Unfortunately, this is at a time when more distractions at home have led to an increased amount of complacency by staff. For example, clicking on ransomware- infected links that they wouldn’t click if they were in the office.”
Whilst there are numerous benefits, the remote working seen during lockdown can leave a business’s IT network and systems vulnerable. It adds a huge number of endpoints to organisations that may not have been there previously. Plus, many of them are considered ‘shadow IT’ and have not been vetted by the employer.
“The threat of ransomware has never been greater. The fact that only 39% of respondents to our survey have an emergency plan in place for a ransomware attack is shocking. They are gambling with their and their customer’s data. It is imperative, now as ever, to ensure your organisation has processes and procedures in place to mitigate the impact of any cyber-attack and protect sensitive data,” adds Bridge.