Ransomware attacks hit two out of three Spanish businesses in 2021

Ransomware attacks affected two out of three Spanish companies in 2021. image Source: Twitter

Report shows two in three Spanish companies suffered ransomware attacks in 2021

Working from home has definitely created a cybercriminal’s paradise, made up of vulnerable computers, with network access, and businesses that lack the highest security standards. The consequences are that two out of three companies in Spain have suffered a ransomware attack in the past year.

According to CrowdStrike, a cybersecurity firm, cybercriminals have several strategies to generate an attack. They can use malware, which is basically software designed to gain stealth access to a device, or spyware, malware that collects personal information.

Then they have hackers, malware that changes browser settings to direct you to malicious sites, and finally the ransomware option, malware that encrypts data or locks down devices until a ransom be paid.

An annual report on global security, produced by independent analysis firm Vanson Bourne, showed that 63% of cybersecurity executives in companies surveyed (2,200 security professionals in the United States, EMEA and APAC) were using traditional security solutions.

These are the most widely used protection systems, but they have been shown to be slow to discover and mitigate an incident, typically around a week. As a result, organizations ran the risk of extortion to keep operating. On average, that meant they paid around 1.5 million euros on average, and most companies that paid subsequently suffered a second extortion request.

“The report paints a startling picture of today’s corporate security environment. Cybercriminals are innovating in their methods of accessing corporate systems and organizations are failing to update their security technologies, ”said Michael Sentonas, CTO of CrowdStrike.

“It is true that remote work increases the stakes for companies, because the most widespread protection models, such as that of Microsoft, are not adapted to this reality”.

Experts admit to being worried about the figures and statistics revealed in the report. For example, it showed that two out of three Spanish companies had suffered a ransomware attack in the past year.

Up to 63% of security officials have admitted that they are losing their trust in traditional manufacturers, due to the increase in incidents they are seeing.

Three in four managers said their company had suffered an attack in their supply chain and 84% feared they would experience an incident in their supply chain in the years to come.

In Spain, 80 percent of the companies surveyed admitted to avoiding partners they saw as having weak security systems. This was out of fear of being indirectly attacked, when up to 37% had lost confidence in their partners after scanning their systems.

Added to this is the increasing efficiency of cybercriminals. Ransoms rose statistically by 62.7% in 2021. More than half of companies – 57% – said they did not have a comprehensive ransomware protection strategy.

In Spain, 64% of the companies consulted had suffered a ransomware-related attack in the past year, but only a quarter of those affected had paid the ransom, ranging between 200,000 and 2 million euros.

CrowdStrike’s recommendation is to follow the 1-10-60 rule. 1 minute to detect the threat, 10 minutes to understand it and 60 minutes to resolve it. The problem is that organizations currently take 146 hours to detect an incident, up from 117 hours in 2020.

Once detected, it took them 11 hours to figure out how it happened and what the threat was. Then it took them an additional 16 hours to fix it, while criminals only need “only” 92 minutes on average to bypass the security measures.

Most Spanish companies needed a full day to detect the incident, although there were lucky – or well prepared – three in ten, who were able to do it in an hour, as reported by reported larazon.es.


Thanks for reading, and don’t forget to check out The Euro Weekly News for all your up-to-date local and international news, and don’t forget, you can also follow us on Facebook and Instagram.