Overconfidence in ransomware and other cybersecurity protections found in new survey

ExtraHop has released the results of a new ransomware survey that sheds light on the gaps between how IT decision makers (ITDMs) view their current security practices and the reality of the ransomware attack landscape. The ExtraHop Cyber ​​Confidence Index 2022 report shows that no matter how well IT organizations handle the dramatic transformations of the past two years, trust still tends to outpace the actual security posture.

The survey, conducted by Wakefield Research, found that 77% of ITDMs have full or complete confidence in their organization’s ability to prevent or mitigate cybersecurity threats. Despite this confidence, 64% admit that half (or more) of their cybersecurity incidents are the result of their own outdated IT security postures, including the widespread use of insecure and outdated protocols, as well as the growing number of unmanaged devices. This inflated confidence is even more dangerous given the frequency of ransomware attacks – 85% said they had experienced at least one ransomware attack and 74% said they had experienced multiple incidents in the past five years.

Other key findings from the survey include:

  • The cost of ransomware is high: 72% of respondents admitted to having paid a ransom in the past, while 42% of businesses that experienced a ransomware attack said they had paid the requested ransom most or all of the time.
  • Business impacts of ransomware attacks: Ransomware attacks affect the entire organization. 51% of respondents reported business disruptions resulting from attacks against IT infrastructure, 44% reported business disruptions resulting from attacks against OT infrastructure, such as medical devices, computer systems, automation, and 46% reported business disruptions resulting from user-targeted attacks.
  • Everyone is looking for better insights, data, and cooperation: When asked to identify their top challenges, 43% cited lack of cooperation between their network, security, and cloud operations teams. Additionally, 40% cited a lack of investment, 39% cited the time it takes to train new hires, and 35% cited inadequate or overlapping tools.
  • WFH with outdated protocols: Despite the shift to working from home, 69% of respondents admitted to transmitting sensitive data over unencrypted HTTP connections instead of more secure HTTPS connections. 68% still use SMBv1, the protocol exploited in major attacks such as WannaCry and NotPetya, resulting in over $1 billion in damage worldwide.
  • Organizations are far from transparent: While two-thirds (66%) of respondents agreed it was good to disclose attacks, only 39% said they were completely open about attacks and willing to make the information accessible to the public when it has actually taken place.
  • Slow response times to critical vulnerabilities: When it comes to responding to critical vulnerabilities by installing patches or shutting down a vulnerable solution, response times vary. Only 26% respond within a day, probably fast enough to prevent most attacks, while 39% take between one and three days, 24% up to a week and 8% up to a month.

This study shows that while enterprises continue to innovate with cloud technologies and remote workforces, their IT infrastructures remain mired in the past, with outdated protocols providing attackers with continued opportunities to infiltrate networks and trigger ransomware attacks. A lack of visibility and effective use of data has also contributed to barriers organizations face in identifying vulnerabilities and preventing ongoing ransomware attacks.

“This research highlights the gaps between the reality of today’s sophisticated attack landscape and the overconfidence many business leaders have in their ability to handle an attack,” said Jeff Costlow, CISO at ExtraHop. “Defenders need tools that can track attacker activity across cloud, on-premises, and remote environments so they can identify and stop an attack before it can compromise the business.”


The survey of 500 security and IT decision makers in the US, UK, France and Germany was conducted by Wakefield Research and sponsored by ExtraHop. Survey participants came from a wide range of industries, including financial services, healthcare, manufacturing and retail, and worked in companies of varying sizes, including companies whose annual turnover exceeded 50 million dollars. About half of the attendees were from the United States, with the rest coming from the United Kingdom, France and Germany.

Get the report

Source link