By: Kelly White, Founder, RiskRecon, a Mastercard Company

I once heard an advertisement for a car wash in which the company claimed that cars that are washed weekly last something like 30% longer than cars that are not cleaned regularly. On the surface, this seemed ridiculous, as there is no material link between the cleanliness of a vehicle and its useful life. I soon had the elementary ah-ha moment that people who wash their car frequently are much more likely to do regular maintenance. A clean car doesn’t cause a car to last longer, but there is a positive correlation between owners who keep their car clean and owners doing regular maintenance, which increases longevity.

And so it is with ransomware events. Based on RiskRecon’s comparison population of cybersecurity ratings and assessments of over 100,000 entities, companies that RiskRecon observes to have very poor cybersecurity hygiene in their Internet-facing systems (a ‘D’ or ‘F’ RiskRecon rating) have about a 40 times higher rate of destructive ransomware events in comparison with companies that have clean cybersecurity hygiene. As shown in the chart below, only 0.03% of ‘A-rated’ companies were victims of a destructive ransomware attack, compared with 1.08% of ‘D-rated’ and 0.91% of ‘F-rated’ companies.

[Chart: Percent of Companies Experiencing System Ransomware Events]

The cybersecurity conditions underlying the RiskRecon rating reveal just how poor, on average, the cybersecurity hygiene is at companies that fall victim to a material system-encrypting ransomware attack. In comparison with the general population of 100,000 companies, the Internet-facing systems of ransomware victims have an 11 times higher rate of material software vulnerabilities, a 3.3 times higher rate of unsafe network services, and an 8.5 times higher rate of email security issues.

While one or more of the issues outlined in the table above may not have been the vector by which criminals compromised the victim environment, the prominence of these issues is a strong indicator that the victim organizations are not operating robust cybersecurity risk programs. Just like dirty cars strongly correlate with poor maintenance, poor cybersecurity hygiene in Internet-facing systems strongly correlates with cybersecurity conditions that make the organization more susceptible to a successful ransomware attack.
