Home » Ransomware = Biggest Threat to Cloud, Data and Enterprise Infrastructures

Cyber Security NewsCyberSecurity Newswire

Ransomware = Biggest Threat to Cloud, Data and Enterprise Infrastructures

August 7, 2019

According to the “Vectra 2019 Spotlight Report on Ransomware”, recent ransomware attacks have cast a wider net to ensnare cloud, data center and enterprise infrastructures.

Cybercriminals are targeting organizations that are most likely to pay larger ransoms to regain access to files encrypted by ransomware. The cost of downtime due to operational paralysis, the inability to recover backed-up data, and reputational damage, are particularly catastrophic for organizations that store their data in the cloud.

For instance, first seen in August 2018, Ryuk has targeted more than 100 U.S. and international businesses, including cloud service providers like DataResolution.net. CrowdStrike characterizes the approach used by Ryuk as “big-game hunting” because attackers have made off with millions of dollars from a wide range of victim organizations with perceived high annual-revenues.

The report found that that while ransomware is dangerous, the total volume of detections has been decreasing for some time. California experienced the largest percentage of the total volume of file encryption in ransomware attacks, followed by Texas and Ontario.

In North America, the percentage of the total number of incidents exhibiting ransomware network file encryption per industry:

Finance and insurance (38 percent)
Education (37 percent)
Government (9 percent)
Manufacturing services (5 percent)
Healthcare (3 percent)
Retail (3 percent)
Energy (1 percent)

In Europe and the Middle East:

Finance and insurance (35 percent)
Healthcare (18 percent)
Energy (17 percent)
Manufacturing (13 percent)
Services (8 percent)
Tech (4 percent)
Retail (4 percent)
Government (1 percent)

“Our research indicates that 53 percent of organizations say they have a ‘problematic shortage’ of cybersecurity skills today and the ramifications of it are very evident with fast-moving ransomware attacks,” said Jon Oltsik, senior principal analyst at the Enterprise Strategy Group. “The industry simply doesn’t have enough trained security folks scanning systems, threat hunting or responding to incidents.”

You must login or register in order to post a comment.

A critical event is defined as an incident that disrupts normal operations, such as severe weather, crime, violence and critical equipment or technology failures. Business continuity and crisis response plans can only go so far if there isn't buy-in across functions, with executive-level support.

How CISOs Can Turn Security Training and Awareness into Action

In this webinar, security expert Pieter Danhieux explores how CISOs and CIOs can inspire real change, fostering a positive security culture that enables their development teams to become more security-aware, more aligned with internal AppSec specialists and, ultimately, securing code as it is written.

Poll

Mass Notification

View Results

Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Security Magazine

2019 August

Our August issue cover story features Steve Baker, CSO at State Street Corporation. Also in August, how did a Guidewell Security team member save a life? And learn how digital technology and IoT devices can combat both physical and cyberattacks.

View More Subscribe

Ransomware = Biggest Threat to Cloud, Data and Enterprise Infrastructures

Related Articles

Related Products

Report Abusive Comment