Fear of state-sponsored and ransomware attacks pose danger of stifling future business growth in post-COVID era: Survey

In 2020, there has been continued proliferation of ransomware and heightened concerns around nation-state actors, according to CrowdStrike’s 2020 Global Security Attitude Survey. The survey reveals the need for acceleration of both digital and security transformation.

Proliferation of Ransomware Leads to More Frequent Payouts, Costing Millions

Survey data indicates ransomware attacks have proven to be especially effective, as more than half (56%) of organizations surveyed have suffered a ransomware attack in the last year. The COVID-19 pandemic catalyzed increasing concerns around ransomware attacks, with many organizations resorting to paying the ransom. The global attitude shifts from a question of if an organization will experience a ransomware attack to a matter of when an organization will inevitably pay a ransom. Notable findings include:

• Concern around ransomware attacks continues to increase, with the stark increase in this year’s findings (54%) compared to 2019 (42%) and 2018 (46%).
• 71% of cybersecurity experts globally are more worried about ransomware attacks due to COVID-19.
• Among those hit by ransomware, 27% chose to pay the ransom, costing organizations on average USD 1.1 million USD owed to hackers.
• The APAC region is suffering the most when paying the ransom with the highest average payout at USD 1.18 million USD, followed by EMEA at USD 1.06 million and the U.S. at USD 0.99 million.

Fear of Nation-State Cyberattacks Can Stifle Business Growth in Post COVID-19 World

Nation-state activity continues to weigh heavily on IT decision makers, as 87% of respondents agree that nation-state sponsored cyberattacks are far more common than people think. As growing international tensions and the global election year have created a nesting ground for increased nation-state activity, organizations are under increased pressure to resume operations despite the increased value of intellectual property and vulnerabilities caused by COVID-19. Key highlights include:

• Even with the massive rise in e-crime over the course of 2020, 73% believe nation-state sponsored cyberattacks will pose the single biggest threat to organizations like theirs in 2021. In fact, concerns around nation-states have steadily increased, as 63% of cybersecurity experts view nation-states as one of the cyber criminals most likely to cause concern, consistently rising from 2018 (54%) and 2019 (59%).
• 89% are fearful that growing international tensions (e.g. U.S.-China trade war) are likely to result in a considerable increase in cyber threats for organizations.
• Approximately two in five IT security professionals believe a nation-state cyberattack on their organization would be motivated by intelligence (44%) or to take advantage of vulnerabilities caused by COVID-19 (47%).

Digital and Security Transformation Accelerated as Business Priority

In the wake of these threats, cybersecurity experts have accelerated their digital and security transformation efforts to address the growing activity from e-crime and nation-state actors. While spend on digital transformation continues to trend upward, the COVID-19 pandemic accelerated the timeline for many organizations, costing additional investment to rapidly modernize security tools for the remote workforce. Security transformation rollout findings include:

• 61% of respondents’ organizations have spent more than USD 1 million on digital transformation over the past three years.
• 90% of respondents’ organizations have spent a minimum of USD 100,000 to adapt to the COVID-19 pandemic.
• 66% of respondents have modernized their security tools and/or increased the rollout of cloud technologies as employees have moved to work remotely.
• 78% of respondents have a more positive outlook on their organization’s overarching security strategy and architecture over the next 12 months.

“This year has been especially challenging for organizations of all sizes around the world, with both the proliferation of ransomware and growing tensions from nation-state actors posing a massive threat to regions worldwide,” said Michael Sentonas, chief technology officer, CrowdStrike. “Now more than ever, organizations are finding ways to rapidly undergo digital transformation to bring their security to the cloud in order to keep pace with modern-day threats and secure their ‘work from anywhere’ operations. Cybersecurity teams around the globe are making strides in improving their security posture by moving their security infrastructure to the cloud and remaining diligent in their incident detection, response and remediation practices.”

Some of the key India findings include:

Geopolitical:

• Highest number of attacks seen in India as compared to other regions. Ransomware, general malware, phishing and password attacks are the major concerns for Indian organizations. India has been the worst hit by ransomware in the APAC region, with 74 % having suffered a ransomware attack this year, as compared to Australia (67%), Japan (52%) and Singapore (46%)
• 36% Indian organizations have been targeted by malwares more than once in the last 12 months as compared to 28% in Japan, 23% in Singapore and 24% in Australia
• 34% Indian respondents shared that they have paid between USD 1 million – USD 2.5 million as a result of malware attacks in the last 12 months as compared to 21% in Japan, 69% in Singapore and 23% in Australia.
• Indian organizations feel most threatened by e-crime groups (90%), Hacktivists (77%) and Insider threats (66%) followed by threats from nation states (64%).
• 66% organizations in India feel threatened by nation states because they want to take advantage of vulnerabilities caused by COVID-19 (e.g. widespread remote working) as compared to 37% in Japan, 58% in Singapore and 49% in Australia.
• 60% Indian organizations feel the nature of goods they produce put them at a risk of being targeted by nation states as compared to 63% in Japan, 51% in Singapore and 49% in Australia.
• 76% respondents feel most threatened by cyberattacks originating from China followed by Pakistan (48%) and Russia (43%). China has been a common threat across regions with 75% in Japan, 72% in Singapore and 72% in Australia.
• 51% of Indian organizations feel that nation state attacks will be the biggest concern for 2021.

Digital realization during COVID-19:

• 51% Indian organizations have spent between USD 500,000 to USD 5 million on digital transformation in the last 3 years as compared to 45% in Japan, 48% in Singapore and 44% in Australia.
• 30% of the Indian respondents feel they have accelerated their digital transformation by over a year because of COVID-19 as compared to 15% in Japan, 20% in Singapore and 17% in Australia.
• 58% Indian respondents feel they have the spent the right amount of money to adapt to the current situation compared to 40% in Japan, 59% in Singapore and 45% in Australia.
• 47% of the Indian respondents have increased their rollout of cloud technology to adapt to remote working as compared to 44% in Japan, 56% in Singapore and 46% in Australia.
• 32% of the Indian respondents have spent an additional USD 500,000 – USD 1 million to adapt to COVID 19 challenges as compared to 28% in Japan, 33% in Singapore and 35% in Australia.
• 44% of the Indian respondents shared that their spending on security tools has dramatically accelerated as a result of COVID-19 as compared to 35% in Japan, 28% in Singapore and 39% in Australia.
• While adapting to COVID-19, Indian respondents shared that IT operations tools (54%), Networking (48%) and Data storage (47%) capabilities of their organizations has let them down in this time period.
• 42% Indian respondents strongly agree that disruption from COVID-19 has thrown entirely new challenges at their organization that they haven’t considered before in their disaster and recovery planning compared to 37% in Japan, 26% in Singapore and 34% in Australia.

YoY comparison:

• 40% Indian respondents feel they are capable of detecting a cyber-attack within 1 hour compared to 38% in Japan, 32% in Singapore and Australia.
• Reason for Indian organizations not being able to detect incursions - 44% respondents shared that their organizations focus more on prevention and perimeter security than detection compared to 31% in Japan, 40% in Singapore and 44% in Australia. Other concerns for Indian organizations include – challenges of legacy infrastructure (39%), and advanced skills of cyberattackers (42%).
• 24% Indian respondents feel that due to COVID-19 their detection speed has slowed down by hours whereas 25% feel their detection speed is faster than before.
• 40% Indian respondents shared that remote working and wider use of personal devices has been the biggest challenge in preventing cyberattacks followed by intrusion detection being too slow compared to 27% in Japan, 41% in Singapore and 21% in Australia.

Staffing issues:

• 42% Indian respondents feel it is slightly more difficult to hire cybersecurity professionals in comparison to last year as compared to 37% in Japan, 50% in Singapore and 46% in Australia.
• 50% Indian respondents feel it is difficult to hire cybersecurity personnel for a remote work environment compared to 35% in Japan, 41% in Singapore and 33% in Australia. Other challenges include: lack of talent in the market, high salary expectations.
• 44% Indian respondents feel it is easier to outsource cybersecurity services than direct hiring compared to 41% in Japan, 36% in Singapore and 44% in Australia.