Survey: Only 38% of security pros are confident in ransomware recovery

Tripwire, Inc., a provider of endpoint protection and response, security and compliance solutions, has announced the results of a survey of 200 security professionals attending the RSA Conference 2016 between Feb. 29 and March 4. 

When asked if their company could recover from a ransomware infection without losing critical data, only 38% percent of the respondents said they are “very confident” they could do so.

According to Blue Coat Systems' 2015 Mobile Malware Report, ransomware is now the top malware threat targeting mobile devices, and it has even begun to infect Macs. Multiple security firms believe hackers previously associated with the Chinese government may be behind the rise in attacks

Additionally, cyber criminals have started to incorporate phishing into their ransomware campaigns, such as one that Symantec recently uncovered, which attempts to lure Visa credit card holders into downloading ransomware disguised as credit card reward emails. Additional survey findings include:

  • Seventy-three percent said critical infrastructure providers are more vulnerable to ransomware attacks than other organizations.
  • More than half (fifty-two percent) said they are not confident their executives could spot a phishing scam.
  • Fifty-eight percent said their company has seen an increase in spear phishing over the past 12 months.

“The decision to pay a ransom comes down to the confidence and financial cost of recreating or restoring data from a previous backup,” says Travis Smith, senior security researcher for Tripwire. “Since most ransomware samples we have seen have a time limit to pay, it’s important to have confidence that you can restore the majority of data on short notice. Organizations should focus on improving backup and restoration procedures to reduce the cost of restoring data and services after a potential breach.”