Among 200 security professionals polled about ransomware and phishing attacks, 58 percent reported their organizations have seen an increase in spear phishing attacks.
The survey, conducted by security IT vendor Tripwire at the RSA Conference 2016 in San Francisco earlier this month, gauged security professionals’ confidence in responding to ransomware.
While the majority of respondents reported an increase in spear phishing attacks, 25 percent said their organization had not seen an increase in spear phishing scams in the past year, and 17 percent said that they weren’t sure.
Spear phishing is an email or electronic communications scam targeted toward a specific individual, organization or business and typically appears to be from someone that the individual or organization is familiar with.
According to the survey, only 38 percent of respondents said they were “very confident” that their organizations could recover from a ransomware attack without losing critical data; almost 50 percent said they were somewhat confident and 13 percent reported they were not confident.
Most respondents (73 percent) said they think critical infrastructure providers are more vulnerable to ransomware attacks than other organizations.
Many data security experts say that the human element is the weakest link in cybersecurity. To this point, more than half of respondents (52 percent) said they were not confident that their executives could spot a phishing scam.
“The decision to pay a ransom comes down to the confidence and financial cost of recreating or restoring data from a previous backup,” Travis Smith, senior security researcher for Tripwire, said in a statement. “Since most ransomware samples we have seen have a time limit to pay, it’s important to have confidence that you can restore the majority of data on short notice. Organizations should focus on improving backup and restoration procedures to reduce the cost of restoring data and services after a potential breach.”