A survey conducted by Information Security Media Group (ISMG), a media organization devoted to information security and risk management, was recently published by Varonis Systems, a leading software solutions provider that aims to protect data from cyberattacks and insider threats. The survey, dubbed “2017 Ransomware Defense Survey: The Enterprise Strikes Back,” highlights the toll ransomware can take on organizations.

Organizations’ attitude towards ransomware

In total, 230 individuals from organizations located mostly in countries in Asia, the United States, Canada, and the United Kingdom were surveyed. 70% of these organizations have between 1,000 and 2,000 employees, and the results show that 76% of those inquired believe ransomware is a significant business threat.

Out of the 230 individuals, only 21% said their anti-malware defenses are completely effective against the threat. Out of those that have actually been attacked in the past, only 37% have tried to reduce the impact a future attack could have, while 36% have actively attempted to improve their security capabilities. Nearly half of all respondents (44%) saw users as the biggest security weakness.

The survey shows large organizations are still vulnerable to ransomware attacks, and don’t seem to do much about it, even though they know one user’s mistakes is all it takes to infect the whole network. Only 56% of organizations reportedly have a ransomware response in place. Brian Vecci, a technical evangelist at Varonis said:

In our current threat environment, enterprises should assume they’ve already been breached and implement a defense-in-depth approach to data security

Most of the respondents also claimed the biggest impact ransomware has on businesses is in the “loss of productivity”. Out of these, 52% said their organization is one of the best at detecting and/or eliminating ransomware before it encrypts their data. Nevertheless, most respondents, 57%, still believe their organizations will likely be targeted by ransomware attacks this year.

How hard ransomware is hitting organizations

According to Kaspersky Labs, one business was hit with a ransomware attack every 40 seconds in 2016, while one individual was hit with one of these attacks every 10 seconds. Worldwide, the company estimates one in every five small businesses have been hit.

While every sector seems to be targeted, education and retail seem to be the primary targets, even though there have been cases in which ransomware extortionists targeted healthcare facilities, as these easier to force.

Lucky for most organizations, Kaspersky Labs also noted there has been a rise in low-quality, unsophisticated ransomware, which increases the likelihood of victims being able to recover their data without having to pay up. Notably, organizations that do pay aren’t guaranteed their files back.

Threat intelligence company Recorded Future

has stated that, in 2017, ransomware attacks may be mitigated, to a certain extent, by the efforts of law enforcement agencies. Last year, according to the same source, the total amount of ransom payments reached $1 billion, making it a very lucrative model for extortionists. Unsurprisingly, Business Insider has published a piece in which it stated some hackers make $7,500 a month.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.