Fortinet investigation: Two-thirds of organizations have been the target of at least 1 ransomware attack
Fortinet unveiled the 2021 State of Global Ransomware Report. The survey reveals that most organizations are more concerned about ransomware than other cyber threats. However, while the majority of organizations surveyed indicated that they were prepared for a ransomware attack, including employee e-learning, risk assessment plans, and cybersecurity assurance, there was a clear gap in this. that many respondents saw as essential technology solutions for protection and technology that can better guard against the most commonly reported methods of accessing their networks.
Rajesh Maurya, Regional Vice President, India and SAARC at Fortinet, said: “According to a recent FortiGuard Labs Global Threat Landscape report, ransomware has increased 1070% year over year. Unsurprisingly, organizations have cited the changing threat landscape as one of the main challenges in preventing ransomware attacks. As evidenced by our ransomware survey, there is a huge opportunity for the adoption of technology solutions such as segmentation, SD-WAN, ZTNA, as well as SEG and EDR, to help protect against the threat of ransomware and most commonly reported access methods. by respondents. The high number of attacks demonstrates the urgency for organizations to ensure that their security meets the latest ransomware attack techniques on networks, endpoints and clouds. The good news is that organizations recognize the value of a platform approach to ransomware defense.
Based on the technologies considered essential, organizations were most concerned about workers and remote devices, with Secure Web Gateway, VPN, and Network Access Control among the top picks. Although ZTNA is an emerging technology, it should be seen as a replacement for traditional VPN technology. Of most concern, however, was the low importance of segmentation (31%), a critical technology solution that prevents intruders from moving sideways across the network to access critical data and IPs. Likewise, UEBA and sandboxing play a vital role in identifying intrusions and new strains of malware, but both were at the bottom of the list. Another surprise was the 33% secure email gateway, as phishing was reported as a common entry method for attackers.
Organizations are more concerned about data loss
The main concern of organizations regarding a ransomware attack was the risk of data loss, followed closely by loss of productivity and disruption of operations. Additionally, 84% of organizations reported having an incident response plan, and cybersecurity assurance was included in 57% of those plans. As for paying a ransom in case of an attack, the procedure for 49% was to pay the ransom directly, and for an additional 25% it depends on the price of the ransom. Of the quarter that paid a ransom, most, but not all, recovered their data.
Ransomware issues are consistent globally
While concerns about ransomware were reasonably consistent across all areas, there were some regional differences. Respondents in EMEA (95%), Latin America (98%) and APJ (Asia-Pacific / Japan) (98%) were only slightly more concerned about ransomware attacks than their peers in North America (92%). All regions perceive data loss as the primary risk associated with a ransomware attack, along with the fear of not being able to cope with an increasingly sophisticated threat landscape. APJ uniquely cites the lack of user awareness and training as their main concern. Respondents in APJ and Latin America were more likely to have been victims of a ransomware attack in the past (78%), compared to 59% in North America and 58% in EMEA. Phishing decoys were a common attack vector everywhere, while Remote Desktop Protocol (RDP) exploits and vulnerable open ports were the primary attack vectors in APJ and LatAm.
The need for integration and intelligence
Almost all respondents consider threat intelligence actionable with integrated security solutions or a platform to be essential in preventing ransomware attacks and see the value of behavioral detection capabilities based on artificial intelligence (AI).
While almost all of the respondents feel they are moderately prepared and plan to invest in employee cybersecurity awareness training, it is clear from the survey that organizations need to recognize the value of investing in technology. such as advanced email security, segmentation and sandboxing, in addition to the pillars of NGFW, SWG and EDR, to detect, prevent and limit ransomware. It is important for organizations to consider and evaluate these solutions to reduce risk given today’s ransomware tactics and techniques. The most advanced organizations will take a security approach to their ransomware protection strategy that is platform-based and offers core capabilities fully integrated with actionable threat intelligence. They should also be designed to interact as a unified system and be enhanced with AI and machine learning to better detect and respond to ransomware threats.
If you have an interesting article / experience / case study to share, please contact us at [email protected]