Skip to main content

Companies are getting better at bouncing back from ransomware

security
(Image credit: Shutterstock / binarydesign)

Ransomware attacks are rising in numbers, but the effects aren’t long-lasting, suggesting that companies are getting better at bouncing back from these types of attacks, a new report has found.

Surveying roughly 900 enterprise professionals from 14 industries, security firm Cymulate found more than a quarter (28%) of organizations suffered a ransomware attack over the last few years, including both SMBs and large enterprises. 

However, just 14% of the respondents that experienced an attack were down for at least a week. Almost a fifth (19%) experienced “major damages and interruption to business or reproduction”, while a quarter reported damages relegated to “a few” systems.

Poor password hygiene remains one of the biggest gateways to compromise via malware, the report further states, adding that organizations are doing all kinds of things to better defend, from increasing awareness of ransomware threats at boardroom and business management levels, to allocating more security budget, to growing their headcount.

Lacking confidence

What’s more, most companies are creating new or modified incident response plans, as well as adopting offensive cybersecurity solutions. Some have added traditional security procedures and purchases because of ransomware, while others increased endpoint detection and response, and multi-factor authentication usage. 

Regardless of these moves, however, more than half don’t feel confident they can fend off a ransomware attack. In fact, the report concludes, all companies have a 25% chance of being hit by ransomware at any point.

In this day and age, ransomware remains one of the biggest threats to businesses of all sizes, from microbusinesses, to SMBs, to enterprises. Even though many small business owners doubt they would be targeted, they must remain vigilant, as a ransomware attack could be devastating enough to force them to close the business altogether.

Ransomware operators often deploy a quadruple attack - file encryption, data theft, DDoS attacks, and phone intimidation, in order to pressure the company into paying the ransom.