A report shows that two out of every three Spanish companies suffered ransomware attacks during 2021
Working from home has definitely created a cybercriminals paradise, comprising vulnerable computers, with network access, and companies that do not have the highest security conditions. The consequences of this are that two out of three companies in Spain have reportedly suffered a ransomware attack in the last year.
According to CrowdStrike, a cybersecurity company, online criminals have several strategies when generating an attack. They can use malware, which is basically software designed to access a device stealthily, or spyware, malware that collects personal information.
Then they have hijackware, malware that changes browser settings to direct you to malicious sites, and finally, the ransomware option, malware that encrypts data, or locks devices until a ransom is paid.
An annual report on global security, carried out by the independent analysis company Vanson Bourne, showed that 63 per cent of the cybersecurity managers of the companies consulted (2,200 security professionals from the US, EMEA, and APAC) used traditional security solutions.
These are the most widely used protection systems, but they have been proved to be slow to discover and mitigate an incident, usually about a week. As a result, organisations ran the risk of extortion to continue operating. On average, this meant that they had paid about €1.5 million on average, and most of the companies that paid, subsequently suffered a second extortion demand.
“The report paints a striking picture of today’s corporate security environment. Cybercriminals innovate their methods of accessing business systems, and organisations fail to update their security technologies”, said Michael Sentonas, CTO of CrowdStrike.
“It is true that remote work is accentuating the challenges to companies, because the most widely used protection models, such as Microsoft’s, are not adapted to that reality”.
Experts admit to being worried by the figures and statistics revealed in the report. For example, it showed that two out of three Spanish companies had suffered a ransomware attack in the last year.
As many as 63 per cent of security managers admitted that they are losing the trust they had in traditional manufacturers, due to the increase in incidents they are observing.
Three out of four managers said that their companies had suffered an attack in their supply chain, and 84 per cent feared experiencing an incident in their supply chain in the coming years.
In Spain, 80 per cent of the companies consulted admitted to avoiding partners whom they perceived to have weak security systems. This was for fear of suffering an indirect attack, while up to 37 per cent had lost trust in their partners after analysing their systems.
To all of this must be added the increasing effectiveness of cybercriminals. Ransoms have statistically increased by 62.7 per cent in 2021. More than half of the companies – 57 per cent – said they did not have a global protection strategy against ransomware.
In Spain, 64 per cent of the companies consulted had received an attack related to ransomware in the last year, but only a quarter of those affected had paid the ransom, varying between €200,000 and €2 million.
CrowdStrike’s recommendation is to follow the 1-10-60 rule. 1 minute to detect the threat, 10 minutes to understand it, and 60 to resolve it. The problem is that organisations currently took 146 hours to detect an incident, compared to 117 hours in 2020.
Once detected, they needed 11 hours to understand how it occurred, and what the threat consisted of. Then they needed an additional 16 hours to remedy it, when criminals need “just” 92 minutes on average, to bypass security measures.
Most Spanish companies needed a full day just to detect the incident, although there were some lucky ones – or well prepared – three out of ten, who were capable of doing it in an hour, as reported by larazon.es.