Around half of firms don’t have the technology to prevent or detect ransomware attacks, according to research by cybersecurity company Trend Micro. It suggests that many of organisations don’t have the cybersecurity capabilities required to prevent ransomware attacks such as the ability to detect phishing emails, remote desktop protocol (RDP) compromise or other common techniques deployed by cyber attackers during ransomware campaigns.
For example, the report warns that many organisations struggle with detecting the suspicious activity associated with ransomware and attacks which could provide early evidence that cyber criminals have compromised the network. That includes failing to identify unusual lateral movement across corporate networks, or being able to spot unauthorised users gaining access to corporate data.
The cyber criminals behind ransomware attacks are accessing this data not only just to encrypt it, but also steal it, using the threat of publishing stolen information as extra leverage to pressure ransomware victims into paying the ransom for the decryption key.
In addition to this, the research, commissioned by Trend Micro suggests that under half of organisations can recover quickly following a ransomware attack. In addition to this, two in five could struggle to effectively learn the mitigation processes required to avoid falling victim to a ransomware attack in future, even after falling victim to cyber criminals.