Ransomware. Ransomware. Ransomware.
It seems to be in every headline and on every cybersecurity professional's mind.
How am I protecting my organization from an attack? Is our Incident Response plan sufficient for when it happens? Will we pay the ransom? What will our insurance cover?
As ransomware attacks have spiked in the last year, a common theme for many organizations is that the attack was the result of failed cybersecurity.
But in the world of emerging ransomware perspectives, some argue it could be more about bad luck.
IT security perspectives on ransomware attacks
A new report from cybersecurity firm Talion aims to discover current perceptions of ransomware attacks. The report surveyed IT security professionals and asked them to respond to the following statement: "It is a cybersecurity failing when an organization is infected with ransomware."
Yes, 83% answered that ransomware is the result of failed cybersecurity.
However, 17% of the respondents believe there are other factors at play. Perhaps a black cat wandering around the server room?
Lindy Cameron, CEO of the UK's National Cyber Security Centre (NCSC), believes that ransomware is currently "the most dangerous and insidious cyber security threat" that organizations face.
Cameron gave her perspective on cyber risk at the Royal United Services Institute (RUSI) think tank's annual security lecture earlier this year:
"What I find most worrying isn't the activity of state actors. Nor is it an
improbable cyber Armageddon. What I worry most about is the cumulative effect of a potential failure to manage cyber risk and the failure to take the threat of cyber criminality seriously."
Should ransomware payments be banned?
The report also looks into hotly debated topics involving ransomware, such as banning ransom payments.
According to researchers, 79% of cybersecurity professionals believe ransom payments should be outlawed. The chart below shows the percentage of respondents who think ransomware payments to cybercriminals should be made illegal.
This was the topic of a recent SecureWorld livestream with nationally respected cyber attorney Shawn Tuma of Spencer Fane, which you can watch below.
Not only do the majority of security professionals think ransom payments should be banned, but often times, paying the ransom does not mean the organization will fully recover its stolen data.
The State of Ransomware 2021 report from Sophos shows that 92% of organizations who paid a ransom did not recover all of the data. On average, only 65% of the stolen data was recovered.
Cyber insurance fueling ransomware?
Another topic the report looks at is how insurance payments are contributing to the ransomware problem. Seventy percent of security professionals think that insurance payments to reimburse organizations, who paid a ransom, make the problem worse. The chart below shows the responses.
So what can we do to make the seemingly insurmountable problem of ransomware a little bit better?
We can share information with each other. Eighty percent of those surveyed believe that sharing information between organizations is the key to better defending against ransomware attacks.
For more information on current perspectives of ransomware, read the full report from Talion.