UK FIRMS RECOGNISE RANSOMWARE THREAT BUT MANY DON’T UNDERSTAND HOW IT WORKS
Despite growing awareness of the ransomware threat, many UK businesses are still in the dark over how the malware actually works.
Research from Trend Micro found that while 82 per cent of UK firms consider ransomware a threat, 20 per cent of IT decision makers are unsure how it works.
Even more worryingly, 11 per cent said they have not heard of it, and only a third rightly believe that the majority of infections begin by opening email attachments.
24 per cent said they think most infections come from links within emails, and 14 per cent believe they originate from general internet browsing.
69 per cent of companies think they will be targeted by ransomware in the next 12 months, the survey found, while three quarters have already been attacked.
More encouragingly, 77 per cent have created incident response plans – including 89 per cent of those that have recently been infected. Despite this, a third of companies have not tested their responses.
Similarly, 97 per cent of firms have automated back-up and recovery systems for their critical files and 86 per cent keep an offline copy of the back-up files themselves, but 41 per cent last backed up their critical files more than two years ago.
A third of companies also lack a programme to educate employees on phishing attacks, and only 69 per cent of IT leaders say they have full control over which applications their companies’ workers install on their devices.
“Ransomware continues to dominate the threat landscape as organisations are unwittingly fuelling the cyber criminal underground economy,” said Bharat Mistry, a cyber security consultant at Trend Micro.
“While it’s promising to see that UK organisations are preparing response plans and deploying preventative methods, a lack of understanding over how the malware actually works could make these actions redundant and is leaving organisations vulnerable to repeat attacks.”