Enterprise CT details extent of ransomware attacks – and recovery
A new study by a Norwalk information technology provider suggests that only three out of 100 organizations pay the hackers who take over their systems in “ransomware” attacks – the rest choosing to incur significant headaches and expense to recover data, or otherwise rebuild part or an entire targeted computer system from scratch.
Datto on Tuesday released the results of a survey of how small and medium-sized businesses businesses face threats ransomware, email phishing and other methods to infiltrate their systems. The company received approximately 3,000 responses from survey participants in the United States and seven other countries.
Datto provides data backup and security services, with offices in Norwalk and Miami after being acquired for $6.2 billion last year by Kaseya who is based there. Kayesa itself was the target of a ransomware attack in 2021.
Ransomware attacks involve hackers seizing exclusive access to computer systems or data, and threatening to permanently erase them unless they pay a ransom to restore access. In the first weeks of 2023, victims reporting ransomware attacks included a children’s hospital in Toronto, the UK’s Royal Mail and a Norwegian company whose software is used to manage the schedules of more than 1,000 ships around the world. world.
Ransomware attacks affected 13% of small businesses in 2022, including attacks on companies that provide them with information technology services that impacted their own operations.
More than half of respondents indicated that recovering from a ransomware attack would have a significant impact, while 17% fear an “extreme” impact with high recovery difficulty. Nearly seven in ten companies surveyed by Datto have cyber insurance policies in place, with a third not planning to cover themselves this year.
Connecticut ransomware victims over the past few years include the company that manages the operations of the call center Access Health CT; Hartford Public Schools which saw their bus scheduling system attacked on the first day of school in 2020 as normal classes resumed during the COVID-19 pandemic; and public school systems in New Haven the previous year.
While vexing to small businesses and nonprofits that lack the expertise and resources to respond to a ransomware attack, these attacks remain a major concern as hackers can focus on critical infrastructure looking a big win. In 2021, Connecticut and other Northeastern states were hit by a $4.4 million ransomware attack on the operator of the Colonial Pipeline, although much of the ransom was later recovered when the US Department of Justice seized cryptocurrency accounts linked to the perpetrators.
And only last week, thousands of US flights have been canceled after contractors mistakenly compromised software code in a key system, again highlighting the need for strong cyber defenses and backup systems.
According to the Datto survey, phishing remains the most common hack to infiltrate enterprise systems, with 32% of respondents indicating that they have detected such attempts. Behind ransomware were computer viruses, followed by COVID-19-related scams, with 21% of survey participants saying employees had received fraudulent COVID-related emails.
Includes earlier reports by Mary Katherine Wildeman and Peter Yankowski.
[email protected]; @casoulman
Comments are closed.