By Don Reisinger  |  Posted 2017-01-04


Enterprises Ill-Prepared to Ward Off Fast-Evolving Ransomware: Report

Ransomware Poses Evolving Threat to Enterprises in 2017, Report Finds
A research report by Trend Micro and Information Security Media Group finds that enterprises are ill-prepared to defend themselves from ransomware threats.

Enterprises Ill-Prepared to Ward Off Fast-Evolving Ransomware: Report

Companies Are Constantly Under Attack
Hackers are actively targeting companies, the Trend Micro and ISMG data shows.
In fact, in 2016, 53 percent of responding companies said they had been victims of a ransomware attack.

That figure could grow in the coming year as more ransomware threats come online.

Enterprises Ill-Prepared to Ward Off Fast-Evolving Ransomware: Report

Not All Companies Recognize the Signs of an Attack
One of the problems with ransomware is that many targeted companies don’t realize they’re under threat until it’s too late. More than 4 in 10 companies said they don’t know how often their networks are being targeted by ransomware creators, effectively making it difficult to fight attacks until it’s too late.

IT Might Be Overestimating Defense Strength
Despite more than half of companies surveyed facing ransomware in 2016 and many admitting they wouldn’t know when they’re being attacked, 59 percent of corporate security leaders said their existing ransomware defenses are “above average or superior.” Trend Micro said in a statement that there is a “disconnect between the perception of organization security defenses and the number of effective ransomware attacks.”

New Ransomware Families Emerge Monthly
Unfortunately for companies, there’s little chance of ransomware slowing down anytime soon.
In fact, Trend Micro found that an average of 10 new ransomware families cropped up each month in 2016.

That means each month companies need to worry about 10 more threats than they faced in the previous month.

Some Companies Are Being Pelted
Although not all companies know how often they’re being attacked with ransomware, those that do know shared some staggering statistics on just how much they need to worry about threats. Nearly 20 percent of companies said that they were hit by ransomware attacks at least 50 times per month in 2016.

Employees Are Unwitting Allies of Ransomware Distributors
Employees continue to be a problem for companies trying to fend off ransomware.

A whopping 60 percent of companies surveyed said employees are the primary vehicle by which hackers try to penetrate a network and lock it down.

Closely Guard Corporate Website
Keeping a close eye on the corporate website might be important: The report found that 65 percent of ransomware finds its way into the network via compromised websites, according to Trend Micro.
In many cases, the ransomware flows from the website to an employee’s email, where a malicious link is clicked and the company finds itself in trouble.

Ransomware Is Costly Even If Hackers Don’t Get Paid
Ransomware obviously can be costly if companies decide to pay the ransom to hackers to unlock their networks. However, 59 percent of respondents said that ransomware’s greatest consequence is business disruption.

Another 28 percent of respondents said that ransomware also can cause reputational damage that troubles their businesses.

How Most Companies Protect Themselves
In 78 percent of cases, companies are using data backup and recovery to sidestep ransomware attacks.

The idea is that should data is compromised and deleted off the network by a hacker, it can be restored quickly from a backup.

Thanks to this methodology, just 23 percent of ransomware victims actually paid a ransom in 2016.

How Companies Should Protect Themselves
Trend Micro and ISMG say hackers know companies typically protect themselves by using data backup and recovery.
So they’ve changed tack and are exploiting weaknesses before data can be backed up and restored.

The companies recommend a multilayered response to ransomware by protecting email, websites, endpoints, networks and servers in addition to data backup and recovery.

Ransomware is a big problem and becoming more serious as hackers around the world target enterprises that are most able to pay hefty data ransoms and can’t afford to be locked out of critical business data, a new report from security companies Trend Micro and Information Security Media Group (ISMG) reveals.

The two firms recently surveyed IT leaders at more than 225 companies worldwide on their experience with ransomware.

The results were sobering: More than half of respondents reported a ransomware attack in 2016, and a surprisingly large number of IT leaders have no idea how often their company is attacked. Meanwhile, new ransomware families are cropping up at a rapid rate, according to Trend Micro.

These facts combined could create major security problems for companies in 2017, the firms say, which is why safeguarding corporate networks from ransomware is critical.
In the following slides, eWEEK will discuss the survey’s findings and hopefully shed some light on ransomware to help companies improve their defenses in the years ahead. Read on for more.

Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis’
Since then, he has written extremely popular columns for, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at

Leave a Reply