London, 5th October 2016 – Latest research from online security firm Trend Micro revealed that although a vast majority (82%) of UK organisations consider ransomware a threat, a fifth (20%) of UK IT decision makers are unsure how the malware actually works. A further 11% have never heard of it.
Only a third (33%) of UK IT decision makers rightly believe that the majority of ransomware infections originate from opening an attachment in an email, while a quarter (24%) believe infections come from clicking a link in an email and more than 1 in 10 (14%) believe ransomware infections originate from browsing the internet generally.
The survey also revealed UK companies lack confidence in their ability to fight off a ransomware infection, despite employing a number of prevention methods. Seven in ten companies (69%) believe it’s likely their organisation will be targeted by ransomware in the next 12 months, which raises to 75% for organisations who already have experienced a ransomware attack.
To prepare for a ransomware attack, 77% of companies surveyed have created an incident response plan, including 89% of those who have been infected recently. However, as much as a third (33%) of companies haven’t actually tested it. When asked about other ransomware prevention methods, 97% of companies said they employ automated back-up and recovery of their critical files and 86% of organisations keep an offline copy of the back-up file. However, 41% of companies last backed-up their critical files more than two years ago.
In addition, almost a third of companies (33%) do not have a program to educate employees on the hazards and prevention of phishing attacks, and only 69% of UK IT decision makers feel they have full control over the applications their users install on their devices.
Bharat Mistry, cybersecurity consultant at Trend Micro, said: “Ransomware continues to dominate the threat landscape as organisations are unwittingly fuelling the cyber-criminal underground economy. While it’s promising to see that UK organisations are preparing response plans and deploying preventative methods, a lack of understanding over how the malware actually works could make these actions redundant and is leaving organisations vulnerable to repeat attacks.”
“It’s vital that any incident response plans are tested and that employees are regularly educated on the latest attack methods to keep the threats at bay.”
The data forms part of Trend Micro’s UK ransomware research, which revealed that almost half (44%) of UK businesses have been infected by ransomware in the last 24 months. Almost a third (27%) of those more than once - with the most unlucky UK organisation targeted as much as five times. Two thirds (65%) ended up caving in to the demands and paying the ransom, perpetuating the threat cycle.
During the first part of 2016, Trend Micro blocked and detected almost 80 million ransomware threats and identified 79 new ransomware families - a 179% increase from 2015.
Notes to editors
The survey of 305 ITDMs at large UK organisations (over 1000 employees) was sponsored by Trend Micro and conducted by Opinium in August 2016.
About Trend Micro
Trend Micro Incorporated (TYO: 4704), a global leader in security software, strives to make the world safe for exchanging digital information. Our solutions for consumers, businesses and governments provide layered content security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Leveraging these solutions, organizations can protect their end users, their evolving data center and cloud resources, and their information threatened by sophisticated targeted attacks.
All of solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™, and are supported by over 1,200 threat experts around the globe.