New KnowBe4 Survey Shows IT Pros Concern Over Ransomware Skyrocketing


Security Awareness Training and Backup Voted Most Effective Solutions to Combat CryptoLocker

(Tampa Bay, FL) July 1, 2014--A new survey by IT Security company KnowBe4 shows the growing alarm among IT Pros about the threat of ransomware like the infamous CryptoLocker. The KnowBe4 June 2014 survey over 300 IT Pros compared the levels of concern over ransomware to a similar survey by IT Security company Webroot in January this year. The study showed the rapidly growing apprehension over ransomware, rising to to 73% from 48% of those who are very or extremely concerned about it. Nearly half of the IT professionals surveyed know someone who has experienced a ransomware attack and it worries them more now with 88% expecting ransomware to increase for the remainder of the year compared to 66% at the start of this year.

“We thought it would be interesting to use the same questions to see what impact ransomware has had in six months time. We found the threat of ransomware is very real and IT professionals are increasingly realizing traditional solutions like endpoint security are failing,” said Stu Sjouwerman, CEO of KnowBe4. “IT pros agree that end-user Security Awareness Training is one of the most effective security practices to combat these ransomware threats.”

Most IT managers rely on backup get out of a tight spot but 57% agree that if their backup fails, they would be forced to pay the ransom. This can have a grave impact on organizations as backup fails 50-66% of the time, according to the method used (tape vs cloud).. According to a report by Symantec in 2013, 47% of enterprises lost data in the cloud and had to restore their information from backups, 37% of SMBs have lost data in the cloud and had to restore their information from backups and 66% of those organizations saw recovery operations fail.

Among the highlights of the KnowBe4 ransomware survey;

  • 88% expect ransomware to increase the rest of the year.

  • 47% feel email attachments pose the largest threat.

  • Confidence in endpoint security dropped from 96% in January to 59%.

  • 88% consider Security Awareness Training the most effective protection from ransomware over 81% for backup.

  • Only 16% feel their current solutions are very effective, while 72% feel they are somewhat effective.

  • Confidence in email and spam filtering effectiveness dropped from 88% to 64%.

  • If faced with 4 hours of lost work from ransomware encryption, 81% would rely on backup.

  • The study asked confronted with a scenario where backups have failed and weeks of work might be lost, an astounding 57% would begin with paying the $500 ransom and hope for the best.

Sjouwerman further stated, “It appears the Russian cyber mob has picked a highly profitable business model. Our study shows the overwhelming majority of IT Pros think the criminals behind ransomware should be prosecuted and sent to jail for a long time. We agree, but US law enforcement has no jurisdiction in Eastern Europe where these criminals are largely free to commit their crimes.”

According to report by EMA, 56% of employees still receive no security awareness training, and the programs that do exist are not all the same. KnowBe4 recommends frequent training to keep employees aware and feels so confident about the effectiveness of their program that they will cover its customer’s crypto-ransom if they get hit.

For more information visit www.KnowBe4.com

About Stu Sjouwerman and KnowBe4

Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, LLC, which provides web-based Security Awareness Training (employee security education and behavior management) to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. KnowBe4 services hundreds of customers in a variety of industries, including highly-regulated fields such as healthcare, finance and insurance and is experiencing explosive growth with a surge of 427% in 2013 alone. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses.

About Kevin Mitnick

Kevin Mitnick is an internationally recognized computer security expert with extensive experience in exposing the vulnerabilities of complex operating systems and telecommunications devices. He gained notoriety as a highly skilled hacker who penetrated some of the most resilient computer systems ever developed. Today, Mitnick is renowned as an information security consultant and speaker, and has authored three books, including The New York Times best seller Ghost in the Wires. His latest endeavor is a collaboration with KnowBe4, LLC.

Get the latest about social engineering

Subscribe to CyberheistNews