Ransomware, Corporate Extortion Key Concerns for CIOs in 2018, Survey Finds

Reading time: 4 min
Share this Share on email Share on twitter Share on linkedin Share on facebook

Chances that ransomware will go away any time soon are slim, so security experts can’t emphasize enough the importance for enterprises to seriously invest in cybersecurity and focus on developing risk mitigation strategies to avoid being caught off-guard. For some reason, the number of businesses ready to pay ransom to get their data back is increasing, opening up endless opportunities for hackers working on complex malicious software to further compromise corporate networks.

As most attacks are caused by insider threats, hackers know it only takes some good old-fashioned social engineering to trick employees into making a bad move. While education, healthcare and finance have been the most targeted industries in the past year, CIOs across all sectors need to step up their game against internet threats.

Over 70 percent of CIOs fear their businesses are so vulnerable that they will fall victim to corporate extortion and ransomware this year, according to a survey of 890 CIOs in 23 countries conducted by Logicalis Ireland. These are the two major security threats businesses fear, while 60 percent also worry about targeted attacks on corporate systems and critical application vulnerabilities that would expose them to identity and credential hijacking (43%), social engineering attacks (58%) or malicious insiders (30%).

A notorious example of a recent high-level attack is GoldenEye ransomware, which targeted data destruction and had two encryption layers. The ransomware broke out in Ukraine, when several critical infrastructures were taken offline. But the ransomware went global instantly, spreading through the EternalBlue exploit. GoldenEye compromised critical companies and government networks that neglected infrastructure security. Unlike other ransomware infections, there was no decryption key for GoldenEye.

With this in mind, it should come as no surprise that one in three has CIOs called off IT projects due to security concerns. The consequences could be disastrous for any business under attack, so strong defense against internet threats such as ransomware is critical. Overall, CIOs plan to invest in digital innovation, with only 11 percent showing disinterest in further advancement. Still, cybersecurity remains a pertinent roadblock, alongside organizational culture (56%), cost (50%), complex legacy technology (44%) and a skill gap (34%).

“It’s vital that organizations take the necessary steps to help protect their infrastructure and assets against cyberattacks,” said Andrew Baird, CEO, Logicalis Ireland. “This will also provide them with the confidence they need to fully embrace digital transformation, something which is needed, with only 5% of CIOs considering their businesses to be digital innovators.

“However, this is an area where Irish companies should, and can, look to steal a lead on their international counterparts, with over a quarter of Irish organizations having already implemented Internet of Things solutions. Hopefully, we are on the right track to digital enablement,” he said.