As we head into 2021, ransomware is making another resurgence, particularly in targeted attacks from highly organized hacker groups. In fact, cybercrime is surging since the start of the pandemic.
When IT and security professionals plan how to respond, they must not underestimate the degree to which many of the transformative changes to our working patterns enacted due to COVID-19 have already changed our risk of ransomware attacks.
After the first “shelter in place” orders were issued, many organizations swung into action to accommodate work-from-anywhere policies. The ability of these teams to accommodate their businesses and the flexibility in modifying working practices which, in some cases, had been set in stone for years, was remarkable.
Now, many organizations are assuming a more distributed and hybrid workforce as their new normal in order to provide resilience, agility and a far broader reach in the battle for talent. However, this change has led to an uptick in focused ransomware campaigns by targeting the “human attack surface” of such organizations in a more subtle, insidious manner.
In a survey of 582 information security professionals, 50% say they do not believe their organization is prepared to repel a ransomware attack. Adding to this, 75% of companies infected with ransomware were running up-to-date endpoint protection. Covering each and every endpoint is no longer enough to guarantee security. In order to protect organizations from the next big ransomware attack, security teams must invest in protecting the human attack surface and understanding the enterprise technology habits within its organizations that make it most ..