Ransomware Reinfections on the Rise Due to Improper Remediation

Cyber Security Threat Summary:
According to a recent report from Malwarebytes, it was found that ransomware attacks don't typically originate as a fresh problem for organizations; instead, they are the grim culmination of unresolved network compromises. Threat actors gain initial access through stolen login credentials, deployed malware, or established backdoors—akin to leaving an unlocked door for future visits. While some organizations may pay the ransom, believing cybercriminals will relent (they don't), this accounts for a small percentage of cases. The majority of reinfections stem from the failure to address the underlying vulnerabilities that led to the initial breach—essentially, improper remediation. Smaller IT-constrained organizations, with limited resources, tighter budgets, and lower levels of security maturity, are particularly susceptible to remediation errors compared to their larger counterparts.

Security Officer Comments:
Ransomware affects organizations of all sizes, smaller businesses, who are often constrained by limited IT resources, have become prime targets for threat actors. A Devolutions report on SMB IT security found that 60 percent of small businesses experienced at least one cyberattack in the past year, with 18 percent enduring six or more. Furthermore, 66 percent of SMBs reported one or more ransomware attacks this year, marking a 44 percent increase in just three years.

Suggested Correction(s):
While Cybersecurity programs tend to demonstrate resilience in the face of economic uncertainty, Chief Information Security Officers (CISOs) and security leaders are under pressure from other stakeholders to tighten spending, showcase the value of their investments, and focus on improving efficiency. Given that organizations are targeted by ransomware attacks approximately every 14 seconds, CISOs and security leaders must prioritize prevention. Mitigating ransomware is increasingly challenging due to its growing sophistication, and operating in a competitive market adds complexity to the situation.

Link(s):
https://www.malwarebytes.com/blog/b...ections-on-the-rise-from-improper-remediation