Ransomware still in the system despite eradication?


Today, research has revealed that over a third of British businesses (36%) are not ‘very confident’ that efforts to completely eradicate a recent ransomware attack from work systems have been successful.

The research – commissioned by Citrix and carried out by One Poll – quizzed 500 IT decision makers in companies with 250 or more employees across the UK to uncover the extent to which large British organisations are prepared for the threat of ransomware.

>See also: The evolution of ransomware: what lies ahead?

The research also considered the proportion of businesses which have been targeted with a successful ransomware attack and the current impact of these attacks on corporate devices.

Prior planning (and policy) prevent poor performance

This latest poll has found almost half (45%) of large British businesses have fallen victim to a successful ransomware attack. Despite this, more than 1 in 10 (11%) of large organisations still do not have a formal ransomware policy in place.

Although British businesses are increasingly threatened by this strain of malware, almost two fifths (38%) of these unprepared businesses are not planning to implement a ransomware-focused policy in the next 12 months.

Conversely, half of this group confirmed that firm plans are in place to put such a policy into practice in the next year.

Chris Mayers, chief security architect, Citrix, said: “Cyber criminals are continuing to exploit British businesses by launching ransomware attacks to remove access to mission-critical data or to make significant sums of money by demanding large ransoms for the safe return of such data. Despite this, many organisations have yet to take action and implement policies which will ensure the IT network is well prepared for a possible attack.”

>See also: 6 steps to protect your company from crypto-ransomware attacks

“By committing to robust cybersecurity techniques and ensuring specific policies are in place in case of an attack, companies can lessen the chances of falling prey to ransomware and creating any vulnerabilities for cyber-attackers to find.”

Ransomware infection rate across devices

The poll also dug into the extent to which ransomware attacks have affected corporate devices and systems, revealing that IT often faces significant numbers of infected devices.

On average, businesses reported that 47 devices had been infected by their most recent ransomware attack but 33% of businesses with over 1000 employees reported that more than 101 devices were affected.

Among those organisations which had fallen victim to a ransomware attack, less than a third saw 25 or fewer devices affected.

>See also: Ransomware is spreading through cloud apps

Mayers added that “falling prey to a ransomware campaign can have a devastating effect on a business, from the loss of highly sensitive corporate data to reduced revenues and a sharp decline in public trust. It’s worrying to see many businesses are concerned that ransomware may be lingering on the corporate network after mitigation efforts have taken place, particularly when it can spread across many different devices.”

“Setting robust cyber standards is a crucial first step to addressing this. By using technology, which focuses on the secure delivery of data and apps to all devices and desktops – including the capability to wipe them remotely – organisations are safeguarded from losing devices and critical data to cyber attackers.”


Nominations are now open for the Tech Leaders Awards 2017, the UK’s flagship celebration of the business, IT and digital leaders driving disruptive innovation and demonstrating value from the application of technology in businesses and organisations. Nominating is free and simply: just click here to enter. Good luck!

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...

Related Topics

Cyber Attack