Almost half of large UK businesses have suffered a ransomware attack in the past year, with nearly one third fearing that, although the situation has been resolved, the criminals may still be lurking in their systems.
Citrix surveyed 500 UK-based IT decision makers in companies with 250 or more employees, finding that 45% had fallen victim to a successful ransomware attack.
Despite this history of victimhood, the research also found that 11% of businesses this size don't have a formal ransomware policy in place and while 50% said plans are in place to have such a policy within the next 12 months, 38% said no such plans existed.
Knowing how to deal with a ransomware infection should one occur is increasingly important, though, as this strain of malware becomes ever more popular.
"A lot of this is about isolating a potentially infected machine, deciding whether you're going to pay the ransom or not there's a business choice to be made there - and then being able to build confidence that you have actually dealt with the ransomware attack and it isn't still lurking there," Chris Mayers, chief security architect at Citrix, told IT Pro.
This third element is also a current cause for concern, with 36% of those surveyed who had fallen victim to ransomware in the past 12 months telling Citrix they doubted all traces of that attack had been fully removed.
Ultimately, said Mayers, companies need to ensure they have a ransomware plan in place, including knowing who makes the decision as to whether or not to pay, as well as being sure they can isolate the infected machine(s) and having a solid backup-and-recovery plan in place.
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Enterprises need to patch these Citrix flaws nowNews Organizations should move quickly to install patches, according to Citrix
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
-
Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and it uses OpenAI’s gpt-oss-20b modelNews Using OpenAI's gpt-oss:20b model, ‘PromptLock’ generates malicious Lua scripts via the Ollama API.
-
Data I/O shuts down systems in wake of ransomware attack
News Regulatory filings by Data I/O suggest the costs of dealing with the attack could be significant
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
