Half of UK firms hit by ransomware

Organisations admit to being hit by ransomware attacks in the last two years, with 16 per cent saying that they'd suffered unexpected insider attacks or data leakage in the same period

Half of UK-based organisations have been hit by ransomware attacks in the last two years, with 12 per cent of UK firms saying these types of attacks had not been detected until after they had entered corporate systems, potentially wreaking havoc.

That's according to new research from Computing, which will be revealed in full during an upcoming webinar, 'Moving threat defences to real-time'.

Ransomware has been a popular tool for hackers recently, with the WannaCry outbreak taking down large swathes of the NHS, and the NotPetya attacks affected organisations across the world.

Respondents, who comprise senior technology leaders in medium to large UK-based firms, stated that other forms of attack are even more prevalent, with 66 per cent stating that they'd suffered malware, virus or Trojan attacks (not including ransomware), and 65 per cent saying they'd been hit by DDoS. More worryingly, five per cent of respondents said that they had failed to detect malware attacks until they were inside their networks, with nine per cent stating that DDoS attacks hadn't been noticed until after they had impacted systems and performance.

Some firms are increasingly using machine analytics to identify and prioritise threats, with 19 per cent of respondents stating that they use an equal mix of that strategy, and more traditional search analytics. At the bleeding edge of the scale, only one per cent of firms said they only use machine analytics, whilst at the other end, three per cent said that they only use search. The most popular choice with 39 per cent, was a mix of 10 per cent machine analytics, and 90 per cent search.

This makes it all the more surprising given that most firms admitted that traditional techniques are largely ineffective. When asked ‘Is traditional security analytics effective at identifying and prioritising threats?', 61 per cent said that it's reasonably effective by labour intensive. A further 29 per cent said ‘Not really', and two per cent said ‘Definitely not'. Only one per cent of respondents suggested that traditional security analytics is completely effective.

The research also found that most organisations use multiple monitoring tools across their infrastructure, with 55 per cent stating that they use between one and five tools. A further 42 per cent said that they use more than five, with only two percent admitted that they use none.