A recent report from Kaspersky mentions that most employees are unaware of ransomware attacks
According to a new report from security provider Kaspersky, 37% of employees have admitted they don’t know what ransomware is, even if many of them have already been victims. One of the key ways to combat ransomware is by training employees to identify and report it. The report “Ransomware Revealed: Paying for the Protection of Your Privacy,” surveyed over 2,000 business employees in the US and more than 1,000 in Canada. About 32% of people who have already been victims of a ransomware attack admitted they were unaware of it. Moreover, they admitted also that there is a high possibility they might not be able to identify future attacks.
As per the survey, 35% of respondents said they were unaware of the steps to take if their personal information was at risk of being exposed and their company didn’t pay the ransom. About 20% of respondents who have experienced an attack think a company should never pay the ransom. Only 15% of people who have never been hit by ransomware expressed the same opinion. About 30% of people who have experienced a ransomware attack said the first step would be to disconnect a computer from the internet to stop an attack.
The survey found that 45% of respondents don’t know what to do in response to an attack. Many of them said that an organization should locate and rectify the threat.
Researchers at Kaspersky suggest that organizations should avoid paying a ransom as it will never guarantee that the data will be returned. It is not possible to know if the information obtained has been sold in dark markets after the theft. Paying a ransom only encourages cybercriminals to carry out more of these attacks as they are one of the most financially profitable ones. The more business organizations give in to ransomware attacks, the more we will see them continue to trend in the threat landscape.
It is essential for organizations to train employees about ransomware attacks and conduct sessions to teach them about the necessary steps to follow if they have been a victim of one.