At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    One-Fourth of Organizations Have Been Victim to a Ransomware Attack with 59% Starting with Email

    New analysis highlights just how prevalent ransomware attacks are today, how material the impacts are, whether organizations get their data back, and exactly how these attacks start.

    I love to see reports on the current state of attacks; it gives those of you reading this blog a better idea of exactly how attacks happen and what precautions will be most effective in rendering attacks useless.

    The most recent data from security vendor Hornetsecurity, in their 2022 Hornetsecurity Ransomware Attacks Analysis report shows that a sizable amount of organizations are seeing successful ransomware attacks within their organization:

    • 24% of organizations have experienced a ransomware attack
    • 21% of all ransomware attacks have occurred in the last 12 months

    In most cases, the affected organizations are able to retrieve their data from backups, but according to the analysis, 14% of victims lost their data and 7% had to pay the ransom to get their data back – making it 1 in 5 organizations who found themselves unprepared and in trouble when it comes to their data.

    So, how did these attacks occur? According to the analysis, it’s mostly related to email and/or social engineering:

    • 59% of attacks started with an email-based phishing attack
    • 16% of attacks started with a compromised endpoint (which is usually the result of one of four things in descending order: phishing attack, social engineering, RDP brute force, or vulnerability exploit)

    The analysis also reveals that 27% of organizations don’t provide Security Awareness Training – a percentage that is likely much higher when you look at the quality of training provided (e.g., breakroom training for an hour once a quarter isn’t going to stop an attack). Using Hornet’s data, it’s evident that continual training is going to have a material impact on stopping ransomware attacks at their point of entry – the Inbox.

    Free Ransomware Simulator Tool

    Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

    KnowBe4’s “RanSim” gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 22 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

    Here’s how it works:

    • 100% harmless simulation of real ransomware and cryptomining infections
    • Does not use any of your own files
    • Tests 23 types of infection scenarios
    • Just download the install and run it 
    • Results in a few minutes!
    Get RanSim!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/ransomware-simulator-tool-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top