A recent International Data Corporation (IDC) survey, sponsored by HP Inc., found that many organisations do not manage endpoint security strategically or consistently.
It states that security is often a secondary consideration for organisations after cost and performance when acquiring new devices such as PC’s and printers.
The survey found that PCs are more likely to be included in the business’s cybersecurity strategy. Even so, less than a third of respondents said that endpoint device security forms a significant component of their business’s overall cybersecurity strategy.
Printers and tablets are viewed as much lower risk than desktop and laptop PCs, but the fact is that these devices can be targeted just as easily in the current landscape. For laptops and desktop PCs, 92.5% of procurement documents specify security requirements compared to just 48% for printers.
The fact is that a printer is essentially another computer on your network and should be treated as such. And attackers only need to compromise one account to gain access to your organisational data.
One particularly concerning statistic from this survey was the amount of time it would take the respondents organisations to recover functional PC devices (operating systems / not user data) in the case of a NotPetya style attack.
The terrifying thing about NotPetya was that it was not designed to demand ransom funds from its victims – its sole purpose was to infect and destroy. The speed at which it spread meant that it spiralled out of control very quickly, even spreading back to Russia, where it originated, striking the state oil company Rosneft after infecting countless machines around the world.
“To date, it was simply the fastest-propagating piece of malware we’ve ever seen,” says Craig Williams, director of outreach at Cisco’s Talos division, one of the first security companies to reverse engineer and analyze NotPetya. “By the second you saw it, your data center was already gone.”
For a bit of background on NotPetya (and a really good read) visit https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/
Alarmingly, 29% of respondents in the IDC survey, said it would take them between 2 and 12 weeks to recover 100% of their estate. 40% said it would take them the same amount of time to recover just 50%.
That’s 69% of respondents with entire sections of their network out of action for up to 3 months! More than a quarter of respondents said it would take them over 1 year to recover 100% of their IT estate.