Ransomware: Once You've Been Hit Your Business Is Never The Same Again
Getting hit with a ransomware attack damages an organisation in many ways - from stopping it being able to fully operate for weeks, to angry customers and potential reputational damage. But a ransomware attack also has a human cost, affecting the confidence of IT and information security teams and potentially for a long time after the initial attack.
A new research paper by cybersecurity company Sophos says the extent of this confidence hit is so significant that the culture at these companies is never the same again. That's perhaps not surprising as there area some suggestions suffering a major attack can make your organisation more likely to be hit again because criminals will identify it as an company that could be easy target.
According to the survey, nearly three times as many IT and information security staff in organisations which have been hit by a ransomware attack feel as if their organisation is 'significantly behind' when it comes to facing cyber threats, compared with those in organisations which haven't suffered a ransomware attack.
That lack of confidence also extends to business leadership, where management of a company hit by ransomware will also perceive the company to be significantly behind on cyber threats, compared with companies which haven't.
More than one third of ransomware victims said that recruiting and retaining skilled IT security professionals was their single biggest challenge when it comes to cybersecurity, compared with just 19% of those who hadn't been hit.
Being hit with a ransomware attack also appears to have an impact on re-skilling and training employees, with the results of the survey suggesting that organisations which have fallen victim to a ransomware attack are more likely to implement 'human-led' threat hunting on their networks over those which haven't been hit.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)
The idea is that by having human eyes on the network, it could be easier to spot unusual activity which could be the hallmark of an incoming cyber attack.
This could prove to be important for organisations which have fallen victim to ransomware attacks which could also find themselves more vulnerable to additional cyber threats following an incident.
The report suggests that almost a third of organisations hit with ransomware have five or more third-party suppliers directly connected to their network.
Third-party suppliers have become a significant entry point for cyber attackers, so by having defenders monitor the supply chain, it could go a long way to preventing ransomware and other kinds of cyber attacks. Unfortunately, it seems that in some circumstances, falling victim to a ransomware attack is what's required to shift attitudes to security.
"The difference in resource priorities could indicate that ransomware victims have more incidents to deal with overall," said Chester Wisniewski, principal research scientist at Sophos.
"However, it could equally indicate that they are more alert to the complex, multi-stage nature of advanced attacks and therefore put greater resource into detecting and responding to the tell-tale signs that an attack is imminent," he added.
However, despite the number of organisations which have fallen victim to cyber attacks, the report concludes that it's "encouraging" how information security teams are evolving, especially when it comes to reacting to ever-evolving threats.
READ MORE ON CYBERSECURITY
- Ransomware is evolving, but the key to preventing attacks remains the same
- Honeypot reveals tactics used by cyber criminals to deploy ransomware TechRepublic
- Ransomware: Surge in attacks as hackers take advantage of organisations under pressure
- How to avoid a spear-phishing attack. 4 tips to keep you safe from timeless scams CNET
- 30 years of ransomware: How one bizarre attack laid the foundations for the malware taking over the world
Reassessing AI Investments: What The Correction In US Megacap Tech Stocks Signals
The recent correction in US megacap tech stocks, including giants like Nvidia, Tesla, Meta, and Alphabet, has sent rippl... Read more
AI Hype Meets Reality: Assessing The Impact Of Stock Declines On Future Tech Investments
Recent declines in the stock prices of major tech companies such as Nvidia, Tesla, Meta, and Alphabet have highlighted a... Read more
Technology Sector Fuels U.S. Economic Growth In Q2
The technology sector played a pivotal role in accelerating America's economic growth in the second quarter of 2024.The ... Read more
Tech Start-Ups Advised To Guard Against Foreign Investment Risks
The US National Counterintelligence and Security Center (NCSC) has advised American tech start-ups to be wary of foreign... Read more
Global IT Outage Threatens To Cost Insurers Billions
Largest disruption since 2017’s NotPetya malware attack highlights vulnerabilities.A recent global IT outage has cause... Read more
Global IT Outage Disrupts Airlines, Financial Services, And Media Groups
On Friday morning, a major IT outage caused widespread disruption across various sectors, including airlines, financial ... Read more