Anti-phishing solution provider KnowBe4 has conducted a survey of 500 organizations about phishing attacks and current ransomware protections. The results of the survey show that even though anti-ransomware software solutions had been deployed, they were not capable of blocking all attacks.
The successful ransomware attacks on surveyed businesses involved an average of one server and six endpoints. Companies that paid the ransom to regain access to their systems and files had to pay between $3,780 and $6,300, in addition to absorbing the cost of downtime.
More than half of organizations surveyed (53%) said they had implemented multiple software solutions to prevent ransomware from being installed. 33% of organizations said they had experienced a ransomware attack in the past year, with those attacks resulting in an average of 12 hours of downtime.
Interestingly, 48% of companies that had downloaded RanSim, KnowBe4’s ransomware simulator, were unable to detect the simulator’s emails, even though antivirus solutions had been deployed.
Ransomware has fast become one of the biggest threats to businesses. The malicious file-encrypting software is hugely popular with cybercriminals and it is easy to see why. Ransomware campaigns require little effort to conduct and they require little technical skill thanks to ransomware-as-a-service. The attacks are also incredibly lucrative. In 2016, ransomware cost businesses upwards of $1 billion.
The primary vector for ransomware attacks is phishing emails. Unless employees are trained how to identify phishing emails, organizations will continue to experience costly ransomware attacks.
It may seem obvious, but the key to blocking ransomware is not just software. It is training. As KnowBe4 CEO Stu Sjouwerman explained, “It’s a simple concept: If users can learn not to click the link or open the attachment they won’t infect their workstation with ransomware!”
Organizations that used antivirus/antimalware software solutions and trained their employees how to identify phishing emails had the lowest percentage of ransomware attacks in the past year (21%). Alarmingly, more than four out of ten companies were not providing regular training to employees, and 44% of organizations were not conducting phishing tests on high-risk employees.
The same percentage were not sending monthly emails/videos to maintain security awareness and 43% did not conduct online training for all employees on phishing attacks.
“An important layer in any company’s security stack is the last line of defense – the human firewall that can be trained to detect a phishing email. Once organizations recognize this, their security posture improves dramatically,” said Sjouwerman.