Only a third (35.7%) of companies have purchased specific insurance cover for ransomware attacks even though it is the most common form of cyber threat, a new study conducted by Hornetsecurity has revealed.
Survey data, based on over 820 survey responses, shows that 21% of businesses had been a victim of a ransomware attack, with over 9% forced to pay ransom to recover data after an attack due to a lack of protected backups.
The remaining respondents recovered the ransomed data through backups; however, some still reported losing data in the process. The rise of ransomware attacks has changed the way 71.3% of companies back up their data, the study found.
According to Hornetsecurity, these results reveal a cause for concern: that standard on-site backups do not offer 100% protection against such attacks. Two of the most popular methods employed by those involved in the survey was end-point detection software with anti-ransomware capabilities (75.6%) and email filtration and threat analysis (76.1%).
Air-gapped, offsite storage was reported to be used 47.8% of the time - a low percentage when considering its effectiveness in recovering data, the cloud email security provider explained.
The ransomware study found that businesses with 201-500 employees reported the highest incidence of ransomware attacks (25.3%), while those employing 1-50 had the lowest (18.7%). Of the countries surveyed, businesses located in North America reported 19.6% of attacks, while those based in Europe reported 21.2%.
Despite the rise in ransomware activity, the study even revealed that 28.7% do not provide training to end-users on how to flag and handle potential ransomware threats. 15.9% of respondents also reported having no disaster recovery plan in place, leaving them woefully unequipped to deal with attacks.