Skip to main content

Poor endpoint visibility exposing firms to 'systemic ransomware attacks'

(Image credit: Image Credit: WK1003Mike / Shutterstock )

Most organizations have poor visibility (opens in new tab) into their endpoints, which makes them highly vulnerable to ransomware. Further, once the ransomware infects a network, they are almost powerless to stop it from spreading.

This is according to a new report from Illumio, based on a poll of 344 IT professionals, which states that more than half (59 percent) of respondents do not have access to data on attempted connections to work laptops from other devices on the local network.

Furthermore, almost half (45 percent) are limited to the visibility of the VPN (opens in new tab) and a quarter (26 percent) rely only on their endpoint detection and response tools (EDR) to monitor traffic and connections on their network. The report also claims that VPN plays an “outsized” role in network security, as nine in ten require employees to use a VPN to some extent.

If an employee were to bring an infected device into the corporate network, ransomware can easily spread, Illumio says, as most organizations only use traditional endpoint security solutions for protection and rarely employ zero-trust.

The situation isn't likely to improve any time soon either, the report claims, with organizations not expected to invest heavily in campus security and networking technologies until the majority of workers return to the office.

“Security teams need deeper defenses, particularly on the endpoint, but they really need an end-to-end strategy from the endpoint through the datacenter and cloud,” said PJ Kirner, CTO and co-founder at Illumio.

“This is the only means of stopping ransomware from spreading throughout your network and reaching crown jewel applications. Especially as we navigate hybrid working models at scale, it’s crucial that organizations incorporate Zero Trust strategies into their cybersecurity approach.”

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.