Over 171,000 businesses in the State could be vulnerable to crippling ransomware attacks according to a nationwide cyber security awareness survey.
48% of all businesses have no cyber security policy in place, with a further 27% acknowledging that either their security needs tightening or they are completely unsecure, according to the survey carried out by Magnet Networks.
The Magnet Networks National Cyber Security Awareness Survey was carried out among 205 companies spread across all sectors and regions, giving an up-to-date sample of the business attitudes to a threat which could potentially ruin many of those who are attacked.
The survey found that 26% of businesses have suffered from cyber attacks in the past two years, with a further 18% unsure if they have been affected.
“We found that only 13% of respondents think that their business is very secure – and in the absolute world of cyber attacks you are either totally secure or you are vulnerable in some way,” said cyber security expert James Canty of Magnet Networks.
“A quarter of all respondents said that either the business owner, or no-one at all, was responsible for cyber security in the business.
“The issues we see are magnified in small businesses with under 10 employees – 68% of respondents have no policy in place and one third of all business admit to having no cyber protection in place.
“In 72% of businesses under ten employees, which make up 92% of all companies in the State, network security is looked after by either the business owner, the office manager or, in 9% of cases, no-one at all.
“Based on CSO numbers, means that 171,000 of 248,000 registered businesses have no-one qualified looking after their network security and may not be protected against a ransomware and cyber crime industry which is growing at a rapid rate.”
“A cyber security policy is the cornerstone of protection against attacks that can collapse a business.”
72% of those surveyed believe that their businesses will be protected simply by better employee awareness and businesses rated themselves as only 42% aware of their obligations regarding the upcoming GDPR compliance which comes into effect in May 2018.
The two biggest global threats against business this year were both ransomware attacks, yet the survey reveals that unprotected portable devices are perceived to be a greater threat to a company’s security than either malware or ransomware.
“The main worry looking at the state of our cyber defences is that 84% of businesses surveyed have anti-virus software installed, with 65% combine this with a firewall,” said Canty.
“The proliferation of new types of malware means traditional anti-virus solutions are no longer as effective as they were in the past. They are constantly playing catch up, leaving computer networks vulnerable to attack.
“Companies need to have a next generation application-aware firewall along with advanced endpoint protection making it very difficult for ransomware to disrupt networks and systems so that zero-day ransomware protection instantly stops an attack.
“We are pleased to say that no business using the Magnet Protect system, were affected in any way by the recent Wannacry and Petya global cyber attacks.”
Unfortunately, we are finding that just because you have a box in the corner that IT calls a firewall doesn’t mean you are protected from ransomware, which is a rapidly growing industry.
“Bitcoin has enabled hackers to monetise vulnerabilities in computer networks and systems by deploying ransomware events.
“The increase in attacks can be partly attributed to the rise of bitcoin which has allowed hackers to monetise malware events.
“The value of bitcoin has exceeded the value of gold largely due to the criminal industries building up behind malware and ransomware, and the sheer variety of strains has made it very difficult for anti-virus companies to keep up
“Ransomware acts quickly and it is imperative that businesses act and deploy zero-day protections and controls that mitigate or prevent attack.
“Education and awareness are key as most attacks are triggered by unsuspecting individuals opening either exe files or documents, which can look quite convincing.
“In most cases, these have no known signatures or behaviours so that most existing security systems allow the malware to run, so they can then recognise them and are effectively playing catch-up with cyber criminals.
“There are certain stages that malware must go through in able to function, and businesses need to employ real time protection that can identify, isolate and educate on each new piece of malware as it happens.”