Skip to main content

Poor endpoint visibility exposing firms to 'systemic ransomware attacks'

ransomware
(Image credit: Image Credit: WK1003Mike / Shutterstock )

Most organizations have poor visibility into their endpoints, which makes them highly vulnerable to ransomware. Further, once the ransomware infects a network, they are almost powerless to stop it from spreading.

This is according to a new report from Illumio, based on a poll of 344 IT professionals, which states that more than half (59 percent) of respondents do not have access to data on attempted connections to work laptops from other devices on the local network.

Furthermore, almost half (45 percent) are limited to the visibility of the VPN and a quarter (26 percent) rely only on their endpoint detection and response tools (EDR) to monitor traffic and connections on their network. The report also claims that VPN plays an “outsized” role in network security, as nine in ten require employees to use a VPN to some extent.

If an employee were to bring an infected device into the corporate network, ransomware can easily spread, Illumio says, as most organizations only use traditional endpoint security solutions for protection and rarely employ zero-trust.

The situation isn't likely to improve any time soon either, the report claims, with organizations not expected to invest heavily in campus security and networking technologies until the majority of workers return to the office.

“Security teams need deeper defenses, particularly on the endpoint, but they really need an end-to-end strategy from the endpoint through the datacenter and cloud,” said PJ Kirner, CTO and co-founder at Illumio.

“This is the only means of stopping ransomware from spreading throughout your network and reaching crown jewel applications. Especially as we navigate hybrid working models at scale, it’s crucial that organizations incorporate Zero Trust strategies into their cybersecurity approach.”