May 15, 2017 By Mark Samuels 2 min read

More than one-third of security professionals knowingly circumnavigate security controls despite the ever-growing risk of ransomware. A total of 35 percent of security professionals admitted to turning off or bypassing their corporate security settings, according to a survey from security specialist Bromium.

The results of the survey — which comes at a time when risky ransomware is dominating global news — highlighted how IT workers must help their businesses take a firmer line on information security controls.

Understanding the Wider Context

As many as 10 percent of security professionals surveyed admitted to paying a ransom or hiding a breach without alerting their teams, the survey found. And there were 638 million reported ransomware attacks last year, according to SonicWall, meaning the scale of attacks could be much higher than perceived.

Security teams should be leading by example, but human behavior is often the weakest link in cybersecurity, Fraser Kyne, Bromium EMEA chief technology officer (CTO) told Infosecurity Magazine. He said processes will be bypassed by even those most aware of the risks if it helps people conduct their work more effectively.

This sentiment is consistent with additional Bromium research, which highlighted that 85 percent of chief information officers (CIO) believed end users are the weakest link in security. The firm also claimed that 40 percent of global enterprises have suffered a ransomware attack.

Detailing the Rise in Ransomware

The risk of ransomware is rising exponentially. SonicWall detected a huge year-over-year increase in attacks, from 3.8 million in 2015 to 638 million in 2016. This unprecedented growth may have been driven by the low cost of conducting a ransomware attack, the ease of distributing it and the low risk of being caught.

Dangers from ransomware were brought into sharp relief last week when the WannaCry ransomware attack spread across the globe. The attack, which has already affected major private and public sector organizations, continues to have a significant impact on organizational effectiveness.

The risks from ransomware, both in terms of data loss and reputation damage, are potentially huge. Companies can be keen to hide their mistakes. However, in the wake of the latest spate of attacks, experts around the globe advised users not to pay the ransom to malicious actors.

Taking Steps to Improve Security Controls

Bromium is not the first organization to note how security professionals cover up breaches. AlienVault surveyed 1,000 security employees and found that 1 in 5 had witnessed a company hide or cover up a breach, another Infosecurity Magazine article noted.

While recovering data loss from ransomware is often difficult or impossible, companies can take steps to both remove the infection and reduce the risk of subsequent attacks. Lawrence Abrams of Bleeping Computer, for example, provided a detailed best practice guide for WannaCry ransomware removal.

The National Cyber Security Centre in the U.K., which is an arm of the Government Communications Headquarters (GCHQ), advised organizations looking to limit the impact of ransomware to control access to data and file systems to only users with business needs. Businesses should also ensure that they have fully tested backup solutions in place.

More from

SoaPy: Stealthy enumeration of Active Directory environments through ADWS

10 min read - Introduction Over time, both targeted and large-scale enumeration of Active Directory (AD) environments have become increasingly detected due to modern defensive solutions. During our internship at X-Force Red this past summer, we noticed FalconForce’s SOAPHound was becoming popular for enumerating Active Directory environments. This tool brought a new perspective to Active Directory enumeration by performing collection via Active Directory Web Services (ADWS) instead of directly through Lightweight Directory Access Protocol (LDAP) as other AD enumeration tools had in the past.…

Smoltalk: RCE in open source agents

26 min read - Big shoutout to Hugging Face and the smolagents team for their cooperation and quick turnaround for a fix! Introduction Recently, I have been working on a side project to automate some pentest reconnaissance with AI agents. Just after I started this project, Hugging Face announced the release of smolagents, a lightweight framework for building AI agents that implements the methodology described in the ReAct paper, emphasizing reasoning through iterative decision-making. Interestingly, smolagents enables agents to reason and act by generating…

4 ways to bring cybersecurity into your community

4 min read - It’s easy to focus on technology when talking about cybersecurity. However, the best prevention measures rely on the education of those who use technology. Organizations training their employees is the first step. But the industry needs to expand the concept of a culture of cybersecurity and take it from where it currently stands as an organizational responsibility to a global perspective.When every person who uses technology — for work, personal use and school — views cybersecurity as their responsibility, it…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today