All Research
Whitepaper
I like this
I don't like this

Considerations for Reducing the Risk of Ransomware

Alexei Balaganski
In this paper, we will expand our view of ransomware and demonstrate how treating it as an isolated security challenge is not a sustainable approach. We will show why prevention is the best foundation for managing risk and consider some strategies to combat common ransomware tactics. A breach affects every part of the enterprise because it is not an isolated cybersecurity problem; it is an everyone’s problem.

Commissioned by Oracle

1 Introduction / Executive Summary

Ransomware is an evolving global threat that can wreak havoc on businesses, governments, and citizens with billions of dollars in damages. More than half of organizations have been affected, and often, the consequences are immeasurable, which is why it is critical to put in place the safeguards to help prevent a successful attack, minimize negative outcomes, and strengthen operational resiliency in the face of a breach.

Dealing with the aftermath of a ransomware attack can be complicated and costly. Most organizations experience significant business impacts, from financial loss to business disruption. According to the Internet Crime Complaint Center IC3, a division of the FBI, between 50% and 80% of organizations that have paid ransom demands in the past were subject to subsequent attacks, often by the same threat actors6.

Ransomware is unique among cybercrime because in order for the attack to be successful, it requires the victim to become a willing accomplice after the fact.

― James Scott, Institute for Critical Infrastructure Technology

Most security experts recommend against paying the ransom: not only is there no guarantee to get the data back, but it also encourages future ransomware attacks. Studies conducted both in the United States (by Coveware7) and Europe (by Veeam8) show that many victims never hear back from their attackers after paying the ransom, and even among those who do get their data back, over 30% find it incomplete or damaged.

In this paper, we will expand our view of ransomware and demonstrate how treating it as an isolated security challenge is not a sustainable approach. We will show why prevention is the best foundation for managing risk and consider some strategies to combat common ransomware tactics. A breach affects every part of the enterprise because it is not an isolated cybersecurity problem; it is an everyone’s problem.

We will discuss cybersecurity guidelines along with some recommended best practices. And we will look at key focus areas to start implementing these strategies to help reduce the risk of ransomware. As we explore Oracle’s layered approach to security with an emphasis on automation and building security into their products, we will find that defending against ransomware means defending against any cyberattack.

  1. https://www.ic3.gov/Media/News/2021/210907.pdf 

  2. https://www.coveware.com/ransomware-quarterly-reports 

  3. https://go.veeam.com/ransomware-trends-executive-brief-2022-emea 

Full article is available for registered users with free trial access or paid subscription.
Log in
Register and read on!
Create an account and buy Professional package, to access this and 600+ other in-depth and up-to-date insights
Register your account to start 30 days of free trial access
Register
Get premium access
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use