Endpoint Security Trends and the Rising Threat of Fileless Malware Attacks
A recent study conducted by the Ponemon Institute has highlighted current endpoint security trends, details the ever-present threat from ransomware, and shows that fileless malware attacks are on the rise.
Each year, endpoint attacks cost the healthcare industry more than $1 billion. The high cost of mitigating attacks and the growing threat means endpoint security should be a priority for healthcare organizations. Unfortunately, many healthcare organizations are continuing to rely on traditional cybersecurity technologies, which fail to adequately protect against new threats. Further, investment in cybersecurity defenses often involves doubling down on existing technologies, rather than strategic spending on new technologies that are far more effective at reducing the risk of endpoint attacks.
The Barkly-sponsored study was conducted on 665 IT and security professionals. 54% of respondents said they had experienced at least one successful endpoint attack in the past 12 months. Ransomware attacks are rife. More than half of respondents said they had experienced at least one successful ransomware attack this year, while 40% of respondents said they had experienced multiple ransomware attacks.
Oftentimes, organizations pay the ransom to quickly regain access to their data, others are faced with no alternative but to pay the ransom. 65% of surveyed companies reported that they had paid a ransom demand to regain access to their files. The average ransom payment was $3,675.
The threat from ransomware is unlikely to go away. As long as the attacks are profitable, they will continue. A recent report from Cybersecurity Ventures suggests worldwide ransomware damages will reach $5 billion this year and will rise to $11.5 billion in 2019. To put those figures into perspective, the cost of ransomware attacks in 2015 was $325 million.
One of the most worrying endpoint security trends highlighted in the Ponemon Institute report was fileless malware. Fileless malware attacks have increased considerably in the past 12 months. Out of all organizations that reported experiencing at least one endpoint attack, 77% said at least one of those attacks involved an exploit or fileless malware. Overall, 29% of organizations have experienced a fileless malware attack, a rise of 20% from last year. Ponemon also reports that fileless malware attacks are also 10 times more likely to succeed than other types of malware attacks.
The cost of endpoint attacks is considerable. On average, it costs $301 per employee to mitigate an attack – or $5,010,600 per company, per year, on average. The healthcare industry alone has spent $1.3 billion in the past year mitigating endpoint attacks. Those costs are broken down as 30% due to loss of productivity, 25% due to system downtime, and 23% due to theft of information assets.
Preventing endpoint attacks is seen as a major problem, with more than half of respondents (54%) not believing that endpoint attacks can actually be stopped. Antivirus solutions are necessary to prevent malware infections, although they are rarely effective against current threats such as fileless malware.
“This survey reveals that ignoring the growing threat of fileless attacks could be costly for organizations,” said Ponemon Institute Chairman and Founder Dr. Larry Ponemon. “The cost of endpoint attacks in the companies represented in this study could be as much as $5 million, making an enterprise-wise endpoint security strategy more important than ever.”
The shortfalls of AV software have led many companies to invest in new technologies such as endpoint detection and response solutions, although those solutions do not prevent attacks, only limit the harm caused when they do occur.
50% of companies said they are planning to replace or augment their current endpoint security systems with new tools, although many respondents said they are experiencing problems with endpoint security systems, such as a high false positive rate, complex management of the solutions, and even when solutions are deployed, there are many protection gaps.