Three-quarters of Irish firms upped cybersecurity after WannaCry
DataSolutions survey finds 19% of Irish companies would pay ransom of up to €50,000 to cybercriminals
30% don’t think their organisation is capable of dealing with emerging threats
19% say that their organisation has been held to ransom in past 12 months
46% think that the platforms they work with are outdated
Businesses continuing to implement technologies that focus on detecting attacks, rather than preventing them.
DataSolutions, the specialist IT solutions distributor announces the results of a survey, which found that 73% of companies have made changes to their IT security as a direct result of the WannaCry ransomware incident. The research also found that one-fifth of senior IT decision-makers in Ireland would pay a ransom if under attack from cybercriminals.
In May 2017, approximately 200,000 computers in 150 countries, including Ireland, were infected by the unprecedented WannaCry ransomware attack. Despite widespread upgrades to Irish security systems since the attack, DataSolutions found that a significant 30% of respondents still don’t think that their organisation is capable of protecting itself against emerging threats. The complete survey results will be revealed at DataSolutions’ Secure Computing Forum in the Aviva Stadium on 21st September.
As companies remain ill-equipped to tackle cyber threats, the survey results indicate that ransomware remains an issue for Irish organisations. When asked if they had been held to ransom in the past 12 months, 19% of survey respondents stated that they had.
If held to ransom, 19% of Irish businesses would pay up to €50,000 to recover their data from cybercriminals. This is a substantial increase from a similar survey carried out by DataSolutions 17 months ago, when just 7% said that they would pay a ransom.
David Keating, security specialist, DataSolutions, said: “The results of this year’s survey highlight that ransomware remains an effective weapon for cybercriminals seeking to extract money from Irish businesses. Ransomware attacks are a very disruptive form of cybercrime , and, as the recent WannaCry and Petya outbreaks made clear, they pose a huge threat to organisations of all types and sizes. Companies need to take steps to implement tried and tested security systems to secure their interests, or risk facing further attacks."
“Considering the numbers stating that they have been held to ransom in the past 12 months, we can infer that that a significant number of organisations that fall victim to cybercrime are paying out to cybercriminals.”
When it comes to the factors that are leaving companies vulnerable to exposure, a failure to frequently update IT equipment could be playing a part. Almost half (46%) of those surveyed said that the platforms that they work with on a daily basis are outdated. Employees were also singled out as a critical vulnerability, with 77% saying that a lack of security savvy among employees put their organisation at risk of a data breach.
Despite these vulnerabilities, 67% of those surveyed claimed not to have experienced a data breach in the past year, with one-third stating that they had experienced breaches.
David Keating, continued: “The fact that almost 70% of respondents claim not to have experienced a cyber-breach in the past 12 months displays a fundamental misunderstanding as to what constitutes a data breach. The term does not solely refer to the instance of a ransomware attack and, with this in mind, it is likely that far more of these companies may have experienced some form of security compromise.
“Cybercriminals have access to incredible resources and extremely sophisticated technologies, but many businesses are continuing to implement technologies that focus on detecting attacks, rather than preventing them. This fragmented approach focuses on fix after the damage has been done. Companies need to change tack and apply new approaches that are focused on prevention to ward off future attacks.
The survey was commissioned by DataSolutions and carried out by TechPro in July 2017 among 112 senior IT professionals and decision-makers in businesses based in Ireland, which were typically larger enterprises