Ransomware costing enterprises dearly, but most attacks can be avoided


Johannesburg, 23 Mar 2021
Ajay Nawani, Head of Sales Engineering, MEA, Sophos.

Ransomware attacks have increased globally, with over half of organisations surveyed in 2019 saying they had been hit by ransomware, and 77% of attacks resulting in data being encrypted. However, the good news is that ransomware attacks can be prevented. This is according to Ajay Nawani, Head of Sales Engineering, MEA, Sophos.

“Our State of Ransomware report issued late last year surveyed 5 000 IT managers in 26 countries, and found the costs and impacts of ransomware were increasing,” Nawani says. “Fifty-one percent of organisations admitted to being hit by ransomware in 2019, at an average remediation cost of US$761 106. Twenty-six percent of victims pay the ransom, but paying it doubles the cost of dealing with attacks.”

The Sophos 2021 Threat Report finds that in just the past quarter, the average ransom payout has risen by 21%, with the average ransom payout now the equivalent of $233 817.30, payable in crypto-currency. A year earlier, the average payout was $84 116. Not only are attackers accelerating the pace of their attacks and becoming more innovative in their modus operandi, they are also starting to engage in data theft so they may sell the data or threaten targets with extortion over the release of sensitive private data.

“No organisation – large or small, public or private sector – is immune to attack,” Nawani says. “It’s basically a coin toss if your organisation is going to be targeted. Fortunately, however, there is a great deal organisations can do to make themselves less vulnerable as targets and to minimise the impact attackers can have.”

Nawani says these measures include applying firewall and endpoint protection best practices, gaining visibility into network health, and achieving the ability to automatically respond to security incidents.

To reduce ransomware risk, Sophos advises that organisations need to optimise their firewall properly and secure their network exposure, close all unnecessary open ports on the firewall and secure any necessary open ports with IPS. They should also use VPNs for remote access, introduce multi-factor authentication and control lateral movement within the network. They should also ensure that they have best-in-class firewalls with machine learning and sandboxing capabilities, e-mail protection with anti-spam and anti-phishing, exploit detection and anti-ransomware features.

The award-winning Sophos XG Firewall can automatically stop ransomware, thanks to integration with Sophos Intercept X, an industry-leading endpoint protection platform; and Sophos Synchronized Security, which merges endpoint and network protection features into a powerful, deeply integrated cyber security system.

Sophos will host a webinar on Firewall Best Practices to Block Ransomware on Tuesday, 30 March, to outline how ransomware attacks work, how they can be stopped, and best practices for firewall and network configuration. To register for this free event, click here.
