"Phishing Continues to Be One of the Easiest Paths for Ransomware"

According to a new survey conducted by the enterprise data storage company Cloudian, phishing remains one of the main ways to attack organizations. The survey includes insights from 200 IT decision-makers whose organizations were hit with a ransomware attack over the past two years. More than half of them provided anti-phishing training to employees. Almost 50 percent had perimeter defenses implemented when they experienced a ransomware attack. Nearly 25 percent of all respondents said their ransomware attacks were initiated through phishing, with 65 percent of victims having conducted anti-phishing training sessions. Slightly over 40 percent of enterprises with less than 500 employees said their attacks began with phishing. About one-third of all victims revealed that their public cloud was used by ransomware groups as an entry point for attack. Phishing schemes continue to grow in sophistication, with attackers now mimicking emails from high-level executives and other trusted associates. Results from the survey also highlighted the speed of ransomware groups, revealing that 56 percent of victims said ransomware actors took over their data and sent a ransomware demand in under 12 hours. This article continues to discuss key findings from Cloudian's survey regarding the performance, speed, and costs of ransomware attacks. 

ZDNet reports "Phishing Continues to Be One of the Easiest Paths for Ransomware"