Ransomware attacks are significantly declining, and active defense strategies are highly effective but underused, according to a recent report by ISACA, a global association of technology professionals.

For its State of Cybersecurity 2018 report, ISACA surveyed 2,366 cyber security professionals, and found that 50 percent have seen an increase in cyber attack volumes relative to last year. In addition, 80 percent of respondents said they are likely or very likely to be attacked this year.

Despite an increase in cyber attacks generally, however, ransomware attacks are significantly declining. Last year, 62 percent of respondents experienced a ransomware attack, compared with 45 percent this year, 17-point drop. This is likely because organizations are significantly better prepared after last year’s WannaCry and NotPetya attacks, the study said.

Cyber terrorists are shifting tactics.
Cyber terrorists are shifting tactics.

Eighty-two percent of respondents said that their enterprises now have ransomware strategies in place, and 78 percent said they have a formal process, up 25-points from last year.

While the findings are positive, ISACA said, the data shows that ransomware attacks might have been displaced by cryptocurrency mining, which is becoming more frequent. Cryptocurrency mining malware can operate without direct access to the file system, it said, making them harder to detect. And as the prices of cryptocurrencies increase, the economics of cryptocurrency mining malware becomes better for the attacker.

The report said the three most common attack vectors remain unchanged from last year: phishing, malware, and social engineering.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access