By William Suberg,
Over 80% of hacked companies reported that attack entry points were phishing emails and social media, according to a new report by SentinelOne published on Friday.
‘Immediate Need for Better Solutions’
The latest findings compound evidence that business security is no match for today’s hacking threat, with multiple surveys in 2016 stating similar results.
“The survey of businesses in the U.K., U.S., France and Germany revealed an immediate need for better solutions,” a precis of the results stated.
SentinelOne is a California-based cybersecurity developer, which partnered with research firm Vanson Bourne to produce the international snapshot.
Respondents produced more worrying feedback. In the UK, only 13% of affected companies notified insurance providers following an attack, pointing to barriers further up the chain which malicious parties have already likely identified. In the US, 48% of companies said they would not seek to find security faults with third-party providers and would assume all blame themselves.
Ransomware Tops Threat List in 2016
SentinelOne specifically highlighted ransomware as a “prolific threat” in the current landscape, with sophisticated techniques taking advantage of security setups in disarray.
“Ransomware has become one of the most successful forms of cybercrime in 2016 and is on the top of every security professional’s list of most prolific threats,” chief of security strategy Jeremiah Grossman said.
“These results further shed light on ransomware, where now, any and all types of sensitive data are targeted and can lead successful extortion.”
Plans affecting EU countries specifically could soon cause businesses to shape up. Huge increases in fines for lax security networks from 2018 could quickly make it far too expensive to leave anything to chance, with UK businesses reportedly in for the biggest hit.
UK corporations currently pay around £500,000 in annual fines, but once the legislation comes into effect, this is forecast to skyrocket to €20 million – around £17 million.
Companies Need ‘Holistic’ Defense
Meanwhile, another report by anti-phishing resource PhishMe revealed that 97% of phishing emails it analyzed this year contained some form of ransomware. Any other form of malware was restricted to the remaining 3%.
“Without a holistic phishing defense strategy, organizations are still susceptible to not just the voluminous phishing emails used to deliver ransomware, but also the smaller and less-visible sets of emails delivering the same malware that threat actors have used for many years,” the report concluded.
While bitcoin continues to be associated with ransomware attacks in some circles, senior law enforcement in the US has recently voiced support for using cryptocurrency to help track and prevent criminal cyber activity.