New data from New Zealand security firm Emsisoft shows that more organisations are being successfully being attacked and held for ransom, putting operations at risk.
I recently wrote about how ransoms have more than doubled in the last quarter alone. There’s apparently more bad news to add fuel to the ransomware fire – the number of attacks is growing substantially. According to new data provided to the New York Times by Emsisoft, the number of organisations submitting files encrypted by new ransomware attacks has jumped from approximately 147K to over 205K – a 41 percent increase in just one year!
This isn’t good news for organisations; ransomware attacks are just the tip of the cyberattack iceberg, with attackers leveraging other attack methods including extortion, data theft, lateral movement, island hopping, and selling achieved access.
If you haven’t been paying attention to ransomware, now is most definitely the time; think about it – more organisations are successfully being hit, ransom demands have increased, and attackers are taking additional precautions to ensure they make money off of you.
Ransomware is no longer a question of how to recover, but how to prevent.
In my experience, bad guys tend to take the easiest routes – and that means using spear phishing attacks to gain entrance into corporate networks. Security solutions intent on detecting and blocking email-based attacks have been shown to only stop some – but not all – of these kinds of attacks.
Users MUST become a part of your organisation’s security strategy. In fact, they represent both your last and best line of defence – that is, if properly educated through Security Awareness Training. Proper training gives users the same innate ability to weed out suspicious emails (just like you IT folks) before they click on anything malicious.
We no longer can afford to believe that software alone will address the problem. It’s time to put security into the hands of your users.
Request Your Security Awareness Training Demo
New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilise users as your last line of defence.
Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://www.it-businessnetwork.com/sw/swchannel/registration/internet/Registration.cfm?SWSESSIONID=9E77AFAB878FE1EBBB3CC74D890E080D&RegPageID=5232821