More than a third of businesses do not have a ransomware emergency plan in place, or are not aware if one exists within their company.
According to research from Ontrack of 484 organizations, 39% either did not have or were not unaware of a ransomware strategy, while 26% admitted they couldn’t access any working backups after an attack.
“The threat of ransomware has never been greater” said Philip Bridge, president of Ontrack. “The fact that only 39% of respondents to our survey have an emergency plan in place for a ransomware attack is shocking. They are gambling with their and their customers’ data.
“It is imperative, now as ever, to ensure your organization has processes and procedures in place to mitigate the impact of any cyber-attack and protect sensitive data,” added Bridge.
As the third anniversary of the NotPetya attacks were marked at the weekend, David Grout, CTO of EMEA at FireEye, said NotPetya highlighted the need for resiliency, backup and preparation, as well as the importance of being able to track and identify the perpetrators and understand their motives.
“In terms of what can be done to mitigate the effects of these attacks, primarily, it is essential that patches are made available quickly and that they are widely adopted. If a discovered vulnerability can be exploited, it is highly likely that threat groups will use it, and continue to do so until it is fixed, inflicting untold damage,” he said.
“The NotPetya attack could have been mitigated by ensuring updates to software were regularly conducted, as well as thorough assessments of a given organization’s security, especially through simulated cyber-breaches.”
Speaking to Infosecurity, BH Consulting CEO Brian Honan said, with ransomware becoming an increasing concern for many organizations, he is seeing more businesses take steps to tackle the threat.
“However, many of these steps focus very much on the preventive aspect of security controls and in particular on ensuring effective anti-virus software is in place. While this is an important element in protecting against ransomware, organizations do need to take a more holistic approach to protecting their businesses and ensuring they can continue to function and recover from an attack should it happen.”
Honan recommended having robust data backup and data recovery strategies in place. “The key is to ensure business resilience in the event of a ransomware attack,” he said. “To achieve this, organizations should incorporate their incident response processes, for all cyber-attacks and not just for ransomware attacks, with their business continuity plan so they can continue to operate, while looking to recover from secure backups.
“A good backup strategy that is regularly reviewed, secured and tested to ensure the data can be recovered is one of the most effective defenses against ransomware.”