From the recent Colonial Pipeline attack to those on the D.C. Metropolitan Police Department and numerous small and medium enterprises (SMEs), the world has witnessed a barrage of high-profile ransomware incidents in the past few months. In the aftermath of these sweeping attacks, a global IT association, ISACA, exclusively surveyed IT risk, security, and governance experts for their opinions on the ransomware menace. One of the biggest revelations of the survey was that 84% of the respondents believed ransomware attacks will become more prevalent and gain further momentum in the second half of 2021.
To Pay or Not to Pay?
The Colonial Pipeline attack not only disrupted gasoline distribution on the East Coast of the U.S. but also brought questions about the ransomware preparedness of critical infrastructure to the front burner. Owing to the chaos caused by this sudden disruption, Colonial Pipeline’s CEO reportedly authorized a ransom payment of $4.4 million. However, a striking majority of surveyed individuals did not agree with this. Only 1 in 5 people (22%) said that critical infrastructure organizations should pay the ransom if attacked.
Concurring with this, Dustin Brewer, senior director of emerging technology and innovation at ISACA, said, “In a vacuum, the guidance not to pay makes total sense. We don’t want to negotiate with criminals. But when you need to get your business back online, a cost/benefit analysis is going to come into play, and a company is going to do what it needs to do to have continuity.”
- 85% of the respondents believe that they are at least somewhat prepared for a ransomware attack; however, the concern here is that only 32% of them are confident of being “highly prepared.”
- 4 in 5 said their organization is better prepared for ransomware attacks now than in 2017, when the WannaCry, Petya and NotPetya attacks inflicted major damage.
- Two-thirds of the respondents expect their organization to take further precautions in the aftermath of the Colonial Pipeline incident.
- 46% consider ransomware to be the most likely cyberthreat to impact their organization in the next 12 months.
- 38% of the surveyed individuals say their company has not conducted any ransomware training for their staff.
Looking at these numbers, Brewer added, “The fact that more than 80% of organizations are more prepared for ransomware incidents now than they were during the 2017 attacks — and that so many will be taking new precautions after Colonial Pipeline — is wonderful news. Open reporting of cyberattacks appears to be working, and in this transparency, we can expect to see newer threats mitigated earlier with faster response times.”