Technology / 100 per cent of analysed ransomware infections got around victims’ anti-virus
100 per cent of analysed ransomware infections got around victims’ anti-virus
11 November 2016 |
100 per cent of companies hit by successful ransomware attacks in a new study were running anti-virus, a survey has shown.
Research by Barkly found that all of the companies that reported they were infected with ransomware in the last 12 months were running anti-virus software at the time.
Meanwhile, 95 per cent of the attacks bypassed firewalls, 77 per cent got past email filters, 52 per cent circumnavigated anti-malware solutions and 33 per cent were successful even though the victim had completed security awareness training.
"That may not come as a big surprise if you eat, breathe and sleep infosec," wrote Barkly's senior content manager Jonathan Crowe in a blog post explaining the results.
"But if security is just one of your many IT responsiblities (or if you're an executive who doesn't deal with security day to day) it may be a bit of a wake up call."
He said the figures highlight "a glaring gap in protection".
The report also looked at what companies do after a ransomware infection. The survey results showed 43 per cent did not invest in any additional solutions.
However, 26 per cent invested in email filtering, 25 per cent splashed the cash on security awareness training, 20 per cent spent more on anti-virus and 17 per cent improved their firewall defences to try to up their cyber security standards.
“One way to read these reactions is that, lacking obviously better options but still feeling the pressure to do something, companies are taking the only immediate path they see forward — adding more of the basic, foundational security solutions that have widely-accepted benefits even though they also have widely-acknowledged holes,” Crowe wrote.
However, he said the fact that nearly half of IT professionals did not invest in security after an attack showed a lack of solutions that they feel they can trust.
For more from the report, see the Barkly blog.