Malware is the most destructive security threat affecting organisations of all sizes in the public and private sector, a survey of information security professionals reveals.
The majority of respondents (86%) perceive malware as an extreme threat, according to the 2019 malware report by the Cybersecurity Insiders security community and IT management software firm HelpSystems.
More than three in 10 (37%) said the threat was moderate, while only 11% said malware was a small threat and just 3% said they do not perceive malware as a threat at all.
Similarly, a “significant majority” (71%) believe that malware, including ransomware, will become a larger threat to their organisations in the next 12 months, while 68% believe malware attacks will become more frequent, the report said.
Asked what motivates those behind malware attacks, financial gain (77%) tops the list, followed by a desire to sabotage and disrupt business activities (54%). The most targeted data, respondents said, is customer information (60%), tied with financial data (60%), followed by intellectual property (52%).
“But while money extortion is the most common motivation for cyber criminals, in some cases attackers are hacking for fun (31%), for state-sponsored attacks (25%) and for political beliefs (17%),” the report said.
The report reveals that 76% of respondents believe a malware attack in the next 12 months is moderately to extremely likely, driven mainly by organised cyber crime (67%), followed by opportunistic hackers (65%) and state-sponsored hackers (40%).
However, despite the perceived threat from these bad actors, more than half (55%) of organisations are not confident in their ability to detect and block an attack before it affects critical systems. Only 12% are extremely confident, while 33% said they were very confident.
A positive finding is that 72% of organisations claim to have an incident response team in place. “The good news is organisations realise that incident response is a critical piece of an effective, multi-layer defence against attacks,” the report said.
The most significant business impact of malware attacks is the resulting productivity loss (58%) and system downtime (50%).
Other reported impacts of malware attacks include data loss (26%), loss of confidence in security controls (20%), revenue loss (17%), damage to company reputation (16%) and bad publicity (14%).
The survey shows that organisations prioritise user awareness training (75%) and anti-malware solutions (74%) as most effective in preventing malware attacks. The survey indicates both anti-malware/antivirus/endpoint security solutions (74%) and email and web gateways (64%) were highly effective as preventive approaches to malware/ransomware threats.
The report highlights that ransomware has quickly emerged as a lucrative venture for cyber criminals, in part due to more sophisticated tools for ransomware creation and deployment, with 71% of organisations reporting two or more ransomware attacks in the past 12 months.
“However, it is important to note that lesser known ransomware strains should not be dismissed as less powerful as the results can be just as damaging to any organisation,” the report said.
More than 4 out of 10 organisations surveyed (42%) said they experienced ransomware attacks, up from 37% in 2018, while 58% said they have not been affected by ransomware yet or are not aware of a previous or ongoing attack.
Business ransomware detections increased by 365% in the past year, dominated by Ryuk and Phobos which increased 88% and 940% respectively, a report on cyber crime trends by security firm Malwarebytes revealed.
GandCrab and Rapid ransomware attacks on businesses also increased in the past year, with Rapid up 319% and GandCrab up just 5%, showing a slowdown in growth.
These increases in business detections, the report said, show that cyber criminals are searching for higher return on investment (ROI) as consumer detections decreased by 12%.
According to the Cybersecurity Insiders report, email and web use represent the most common ransomware infection methods, with respondents saying it is only a matter of time until an employee opens an email attachment (63%), answers a phishing email (62%) or visits a compromised website (48%).
Cyber security professionals continue to view data backup and recovery (57%) as the most effective response to a ransomware attack because organisations can often restore critical data without having to pay any ransom.
The three biggest obstacles to stronger malware defence, the survey found, are lack of budget (51%), dealing with the evolving sophistication of attacks (40%) and, tied at 36%, poor user awareness and lack of human resources.