White paper: Root causes of ransomware
Ransomware is one of the biggest cyber security threats the world has ever faced. It is listed as the top worry by cyber security professionals throughout the world, with good reason. Ransomware has attacked tens of thousands of organisations from small to very large, brought down hospitals, pipelines, food production conglomerates, police stations and even entire cities.
Emsisoft states, in 2020 alone, $18 billion was paid globally in ransom and total costs were in the hundreds of billions of dollars (https://blog.emsisoft.com/en/38426/the-cost-of-ransomware-in-2021-a-country-by-country-analysis/). Cybersecurity Ventures says ransomware will cost $20 billion in 2021 and is estimated to grow to $265 billion in damages by 2031 (https://cybersecurityventures.com/global-ransomware-damage-costs-predicted-to-reach-250-billion-usd-by-2031/).
The key to mitigating ransomware is to identify how it exploits devices and organisations, and then focus on decreasing the risks associated with those vulnerabilities.
The key to mitigating ransomware is understanding that ransomware is not your real problem. It is the outcome of your real problem. How ransomware gained initial access to your environment, gained privileged access and spread is the true root problem. Without the initial access, ransomware could not have successfully exploited your environment, causing operational interruption and damage.