More than one-third of security professionals knowingly circumnavigate security controls despite the ever-growing risk of ransomware. A total of 35 percent of security professionals admitted to turning off or bypassing their corporate security settings, according to a survey from security specialist Bromium.
The results of the survey — which comes at a time when risky ransomware is dominating global news — highlighted how IT workers must help their businesses take a firmer line on information security controls.
Understanding the Wider Context
As many as 10 percent of security professionals surveyed admitted to paying a ransom or hiding a breach without alerting their teams, the survey found. And there were 638 million reported ransomware attacks last year, according to SonicWall, meaning the scale of attacks could be much higher than perceived.
Security teams should be leading by example, but human behavior is often the weakest link in cybersecurity, Fraser Kyne, Bromium EMEA chief technology officer (CTO) told Infosecurity Magazine. He said processes will be bypassed by even those most aware of the risks if it helps people conduct their work more effectively.
This sentiment is consistent with additional Bromium research, which highlighted that 85 percent of chief information officers (CIO) believed end users are the weakest link in security. The firm also claimed that 40 percent of global enterprises have suffered a ransomware attack.
Detailing the Rise in Ransomware
The risk of ransomware is rising exponentially. SonicWall detected a huge year-over-year increase in attacks, from 3.8 million in 2015 to 638 million in 2016. This unprecedented growth may have been driven by the low cost of conducting a ransomware attack, the ease of distributing it and the low risk of being caught.
Dangers from ransomware were brought into sharp relief last week when the WannaCry ransomware attack spread across the globe. The attack, which has already affected major private and public sector organizations, continues to have a significant impact on organizational effectiveness.
The risks from ransomware, both in terms of data loss and reputation damage, are potentially huge. Companies can be keen to hide their mistakes. However, in the wake of the latest spate of attacks, experts around the globe advised users not to pay the ransom to malicious actors.
Taking Steps to Improve Security Controls
Bromium is not the first organization to note how security professionals cover up breaches. AlienVault surveyed 1,000 security employees and found that 1 in 5 had witnessed a company hide or cover up a breach, another Infosecurity Magazine article noted.
While recovering data loss from ransomware is often difficult or impossible, companies can take steps to both remove the infection and reduce the risk of subsequent attacks. Lawrence Abrams of Bleeping Computer, for example, provided a detailed best practice guide for WannaCry ransomware removal.
The National Cyber Security Centre in the U.K., which is an arm of the Government Communications Headquarters (GCHQ), advised organizations looking to limit the impact of ransomware to control access to data and file systems to only users with business needs. Businesses should also ensure that they have fully tested backup solutions in place.