Ransomware attack costs $133,000
The average cost to a business of a ransomware attack now stands at $133,000 (€107,210), according to a new survey from Sophos.
The “State of Endpoint Security Today” survey found that, along with this average cost per attack, more than half of businesses said they were struck twice.
The average cost, said the report, includes any ransom, as well as downtime, manpower, device cost, network cost, and lost opportunities. However, the average figure is balanced by the extremes also reported, with 5% reporting $1.3 million (€1 million) to $6.6 million (€5.3 million) as the total cost.
Furthermore, more than half of organisations report that they do not have anti-exploit technology, meaning they are easy prey for data breaches and complex threats, such as WannaCry.
The State of Endpoint Security Today survey polled more than 2,700 IT decision makers from mid-sized businesses in 10 countries worldwide, including the US, Canada, Mexico, France, Germany, UK, Australia, Japan, India, and South Africa.
The survey concludes that despite the high-profile headlines of 2017, businesses are still not prepared to face what it terms “fast-evolving” threats, leaving them vulnerable to exploits and repeated attacks.
The survey found that the incidence of ransomware continues to be a major issue, as more than half (54%) of organisations reported being hit in the last 12 months, with almost a third (31%) expecting to be victims of an attack in the future.
Awareness of technology to ward off such exploits was revealed to be low, as the majority (70%) of IT professionals were unable to identify the correct definition of anti-exploit technology, despite its criticality for modern attack prevention.
The survey also showed that organisations need to rethink their security implementations, as more than three quarters (77%) of those impacted by ransomware were running up-to-date endpoint protection, which, the report says, confirms that traditional endpoint security is no longer enough to protect against today’s ransomware attacks.
“Ransomware is not a lightning strike — it can happen again and again to the same organisation. Cybercriminals are deploying multiple attack methods to succeed, whether using a mix of ransomware in a single campaign, taking advantage of a remote access opportunity, infecting a server, or disabling security software,” said Dan Schiappa, senior vice president and general manager, Products, Sophos.
“Due to this complexity and intelligence of modern threats, traditional endpoint technologies are often unable to keep up with advanced exploit attacks used to compromise a system,” said Schiappa.
Schiappa argues that any security measures must include predictive, deep learning capabilities that can learn by experience and deliver a high accuracy rate and a low false positive rate, allowing them to properly protect against today’s threats.
Deep learning, says Sophos, is the latest evolution of machine learning, and delivers a massively scalable detection model that is able to learn the entire observable threat landscape. With the ability to process hundreds of millions of samples, deep learning can make more accurate predictions at a faster rate with far fewer false positives when compared to traditional machine learning.
Sophos says that it has incorporated these capabilities into its Intercept X offering.