Ransomware: not the most prevalent threat, but one of the most likely to breach defences, research

Almost half of attempted ransomware attacks have an impact, finds Computing's latest research

The ransomware threat has been growing over the past two to three years as the hackers and organised criminal gangs using it as a low-risk way to make money have become more organised and more skilled.

Computing's latest enterprise security research shows that while it may not be the most prevalent threat, ransomware has proved the most adept at penetrating the organisation's defences.

A surprising total of 46 per cent of 244 IT professionals answering an online poll question about attack vectors said they have been hit by ransomware in the past 12 months, with almost half of those attacks evading the defences and being discovered only after some impact had occurred. This may be because ransomware is a relatively new threat, at least in its current guise, and people are not yet aware of what to look for.

Ransomware attacks also tend to be combined with other ploys, such as phishing techniques to get victims to click on the link in an email and thus to launch the payload. Phishing, social engineering and general malware all featured highly in the list of reported incidents.

* Base 244 UK IT decision makers.

"The reason why ransomware has become so big is because it's the easiest and quickest way to make money for some of the low skill hackers," said the group cyber security adviser at a retailer.

"Ransomware keeps me awake at night," added a CISO from the transport sector.

"We are spending a lot of time, money and effort trying to get in front of that. The problem is the code that is wrapped around them, it's so darn easy and a lot of the AV vendors are struggling to keep up."

A head of information security said ransomware is becoming increasingly sophisticated, with help offered in buying bitcoin, the attackers' currency of choice.

"It's been commoditised; it is now becoming a mature business," that official said.

"It has business models, it has franchisees, it even has helpdesks. If you get infected with ransomware you can phone someone up to help you with the process of buying bitcoin. I last heard that seven per cent of victims pay up, that's quite lucrative."

The full results of this research will be presented at Computing's Enterprise Security & Risk Management Summit on 24 November.