Lightning Likely to Strike Twice for Victims of Ransomware Attacks

A new report commissioned by online security company Sophos has revealed that victims of ransomware attacks are likely to experience further attacks within a year. The report confirms the healthcare industry is at the greatest risk of suffering multiple ransomware attacks.

In order to compile the report – “The State of Endpoint Security Today” – the research company Vanson Bourne surveyed 2,700 IT managers in organizations of 100 to 5,000 users across the US, Canada, Mexico, France, Germany, UK, Australia, Japan, India, and South Africa. The results of the survey make unpleasant reading:

  • 54% of the surveyed organizations were victims of one or more ransomware attacks in the last year.
  • Of the organizations that were victims of ransomware attacks, there was an average of two attacks per organization.
  • The median financial impact per affected organization amounted to $133,000 (including ransom paid, downtime, rectification costs, etc.).
  • The financial impact for the top 3% of organizations suffering a successful ransomware attack was between $6.6 million and $13.3 million.
  • The healthcare industry was the top target for ransomware attacks (76% of respondents), followed by energy (65%), professional services (59%), and retail (58%).
  • 77% of attacked organizations were running up-to-date endpoint security at the time of the attack; however, 54% of organizations have not implemented specific anti-ransomware technology.

Why Healthcare Organizations Are More Often Victims of Ransomware Attacks

Despite being among the top spenders on online security, healthcare organizations are more often victims of ransomware attacks. The authors of the report believe this is because healthcare is perceived as a soft target by cybercriminals due to having an aging IT infrastructure and restricted resources for improving IT security. Healthcare organizations are also considered to be more likely to pay a ransom.

This would imply that healthcare organizations are spending their IT budgets on the wrong kind of security defenses, and the results of the survey appear to confirm that implication. 60% of respondents said their current cyber defenses are insufficient to contend with the growing complexity of ransomware attacks, although only 31% of respondents expect to be victims of a ransomware attack in the future.

Dan Schiappa – the senior vice president and general manager of products at Sophos – said: “Ransomware is not a lightning strike – it can happen again and again to the same organization. Cybercriminals are deploying multiple attack methods to succeed, whether using a mix of ransomware in a single campaign, taking advantage of a remote access opportunity, infecting a server, or disabling security software.”

As cybercriminals are finding entry points other than those protected by endpoint security, healthcare organizations should review all their IT infrastructure to identify potential vulnerabilities. In addition to implementing software security solutions where required, special attention should be given to users connecting with healthcare networks in order to ensure they are aware of the threat from ransomware.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.