Ransomware and Hybrid Work, by the Numbers (Part 2)

If you happened to catch our previous post on ransomware stats, you might have thought that it captured all there was to say on the subject. Unfortunately, ransomware is a pervasive threat that shows no sign of going away. In fact, it’s only getting worse, and that worrying growth is being fueled by the widespread transition to hybrid workplace models.

For this follow-up post, we wanted to start by diving a little deeper into some of the trends and attitudes that were revealed in Tessian’s information-rich “Back to Work: Security Behaviors Report.” We’ll then look at a few additional stats and research findings that highlight the role of RDP in remote work and ransomware attacks.

  1. More than a quarter of employees don’t want to inform IT that they made a security mistake. The survey that Tessian conducted for its research found that 27% of workers made a cybersecurity mistake while working from home. What’s more concerning is that they didn’t tell anyone they had potentially compromised company security—some out of fear of being disciplined or having to sit through more security training. This suggests that there are potentially many undetected and unreported security breaches that fly under IT’s radar.
  2. 69% of IT leaders say that ransomware endangers the hybrid workplace. Guarding against ransomware attacks is not a fringe concern. Nearly seven out of every ten IT leaders were of the opinion that ransomware in particular poses a growing threat in hybrid work environments. One in four were in strong agreement with that assessment. Of the various industries that were represented, those in the legal sector were most (83%) concerned by ransomware, with those in technology (82%) and healthcare (77%) not far behind
  3. Over half of 16- to 24-year-olds said they’ve cut corners when it comes to security. Among some organizations, there’s a sense that their tech-savvy younger employees are going to uphold the strict security practices that frustrate their tech-averse senior counterparts. That’s not necessarily true. Tessian found that 51% of employees aged 16–24 and 46% of those aged 25–34 year admitted to using security workarounds while working remotely. Those figures were halved (or more) among the 45–55 and 55+ demographics.
  4. Nine out of ten organizations will adopt a hybrid model going forward. A McKinsey survey found that 90% of organizations said they’d be shifting to a mix of remote and on-site work—that is, a hybrid work model—in the wake of the COVID-19 pandemic. At the same time, McKinsey has also said that the shift to hybrid environments will be messier than most companies realize. Opportunistic hackers are already actively exploiting the resulting gaps in security, not least through ransomware attacks.
  5. RDP was the initial attack vector in 50% of ransomware deployment cases. The remote desktop protocol (RDP) is a pivotal technology in allowing remote employees to access business-critical applications. The problem is that RDP ports tend to remain exposed to the Internet, which gives hackers a fairly wide and rewarding target. At the height of the pandemic in December 2020, Palo Alto Networks’ Unit 42 found that poor RDP security accounted for half of ransomware deployment vectors.
  6. Security-focused search engine Shodan found 4 million exposed RDP ports. One article has noted that Shodan, a search engine designed to find Internet-connected devices, identified over 4 million exposed RDP ports plus at least 14,000 Windows RDP servers that are reachable via the Internet. That creates a veritable buffet for malicious actors. However, the article’s recommendation that virtual desktop solutions will solve RDP issues overlooks the fact that virtual desktops aren’t always the right tool for supporting a hybrid workforce.
  7. Cybersecurity startups have already brought in $12.2 billion this year. With many organizations understandably nervous about ransomware and what hybrid work will mean for their security practices, enterprising cybersecurity firms have capitalized on this niche to the tune of over $12 billion. That’s more than double what the industry raised throughout 2016. However, when the underlying risk for ransomware attacks are phishing e-mails or RDP vulnerabilities, hiring a big-ticket cybersecurity company could be overkill for the problem at hand. 

The cost-effective way to empower hybrid workers and protect against RDP vulnerabilities 

The available data clearly show that:

  • ransomware is on the rise in hybrid workplaces
  • organizations are set on adopting hybrid working environments
  • remote employees aren’t always diligent or forthright about their security practices
  • vigilance is essential, especially when it comes to RDP vulnerabilities, and
  • there’s no shortage of cybersecurity solution providers who want to offer their (expensive) services.

So, what’s an organization to do?

Camyeo’s virtual app delivery allows organizations to provide their remote workers with the apps they need to stay productive—simply, securely and cost-effectively. Via Cameyo’s secure HTML5 browser session, users can seamlessly access their business-critical software with native performance from any device, anywhere in the world.

The best part is that this flexibility also comes with tighter security built in at the core. Cameyo NoVPN encrypts all data traffic while keeping the user’s device separate from the corporate network. This avoids both the inherent security risk of VPNs as well as the complexity that encourages users to find workarounds. Meanwhile, Cameyo Port Shield opens and closes RDP ports—dynamically and automatically—only for authenticated users (with re-authentication required each time).

In addition, Cameyo’s virtual app delivery platform implements best practices by aggressively clearing non-persistent data. When a user’s session is over, the temporary data is wiped from the server, which prevents hackers from being able to exploit it.

Take advantage of our free trial of Cameyo (no credit card required) and see how you can avoid ransomware attacks while giving remote users instant, effortless access to the right software. If you’d prefer, you can also schedule a demo of our virtual app delivery platform. With Cameyo, you’ll discover that a productive hybrid workplace and a strict Zero Trust security model aren’t mutually exclusive.