In the last year, over 80 per cent of organisations have experienced at least one ransomware attack according to research from Onapsis, the application security firm. In its latest report of 500 cybersecurity practitioners, manager and above, at enterprise organisations with 500 or more employees across the UK and DACH, Onapsis reveals how firms are managing ransomware attacks.
The research, titled ERP Security in the Age of AI-Enhanced Ransomware, finds that 46 per cent of respondents experienced four or more ransomware attacks, while 14 per cent experienced 10 or more. Ransomware attacks have been especially costly due to their impact on resources, with 61 per cent of respondents explaining they had downtime of at least 24 hours as a result of an attack.
Attacks can be especially time-consuming when criminals target organisations’ enterprise resource planning (ERP) applications and systems. In fact, 89 per cent said these were targeted in their experiences. With such a vital part of an organisation’s core being at risk, 93 per cent said they think it’s necessary to have a dedicated ERP security solution.
According to Gartner, AI-enhanced malicious attacks were the top most commonly cited concern in the first Q1’24 based on the research firm’s emerging risk rankings.
Mariano Nunez, CEO of Onapsis
“While the volume of these attacks isn’t surprising, the increasing impact to ERP applications is notable and it will only get worse amidst AI-enabled threats,” said Mariano Nunez, CEO of Onapsis. “This is a reflection of ransomware actors realising that disrupting ERP and business-critical applications gives them the most leverage, as downtime is measured in millions of dollars per hour at large organisations.
“The research is also very clear in that generic security solutions on the market are falling short. Enterprises need a purpose-built, comprehensive solution that protects their mission-critical ERP platforms from this increasing threat.”
The majority of organisations don’t pay the ransom
When asked if they communicated with the threat actor executing the ransomware attack, the majority (69 per cent) said yes. As for whether organisations are paying the ransom, respondents were split with 34 per cent paying every time, 21 per cent paying only some of the time and 45 per cent never paying. Many organisations are turning to outside support to help manage ransomware with 83 per cent of respondents who paid the ransom at least once, saying they have worked with a ransomware broker.
Ransomware has become so prevalent and problematic, that 96 per cent of organisations realised they’ve needed to make changes to their security strategy. When asked how ransomware has influenced their cybersecurity investment:
57 per cent invested in new solutions
54 per cent invested in employee training
53 per cent added more cybersecurity staff internally
36 per cent hired an outside threat research team
The post Enterprise Resource Planning (ERP) Applications Are Targets and Need More Security Reveals Onapsis appeared first on The Fintech Times.
