A new Trend Micro study reveals that half of all US companies are ineffective at combating phishing and ransomware threats, as reported in Media OutReach.
The findings result from an Osterman Research study commissioned by Trend Micro and based on interviews with 130 cybersecurity experts from mid-sized and large businesses.
In general, the survey questioned respondents to assess their efficiency in 17 critical best practice areas linked to ransomware and phishing, ranging from safeguarding endpoints against malware infection to ensuring that all systems are patched as soon as possible.
The findings
According to the report, half of the respondents said they were inefficient overall at combating phishing and ransomware. While 72% believed they are unsuccessful at preventing residential equipment from being used as a conduit for hacks on business networks. Interestingly, only 37% considered themselves highly effective at implementing 11 or more of the identified recommended practices.
Tony Lee, head of consulting at Trend Micro Hong Kong and Macau, confirmed:
“Phishing and ransomware were already critical enterprise security risks even before the pandemic hit and, as this report shows, the advent of mass remote working has increased the pressure of these threats.”
The threat environment was further divided into 17 categories of security incidents, with 84% of respondents having encountered at least one of them, emphasizing the ubiquity of phishing and ransomware.
The most common attacks
As specified in the study, the most frequent and successful attacks were concerning business email compromise (BEC) – 53%, phishing emails resulting in malware infection 49%, and 47% account compromise in general.
Ransomware wreaks havoc on governments, hospitals, schools, and private businesses, as well as any other targets judged vulnerable to extortion and capable of paying. It frequently leads to both data loss and potentially catastrophic IT service disruptions.
Microsoft ups security
Amid a fierce struggle with ransomware, Microsoft (NASDAQ: MSFT) has been quietly expanding and strengthening its security capabilities.
Last month, the software company purchased ReFirm Labs to help secure servers and Internet of Things devices from security threats. At the same time, Microsoft recently revealed its acquiring cybersecurity startup RiskIQ to tighten up its security.
RiskIQ offers management tools and threat intelligence gathering against a wide range of cyberattacks across Microsoft’s cloud services, AWS, on-premise servers, and supply chain threats.
Due to the high success rates of both phishing and ransomware operations, unfortunately, both are expected to become more prevalent in the future years.
[robinhood]
