78 per cent of organisations in the UAE indicated that they had been impacted by ransomware in 2020, according to Mimecast’s latest data
UAE enterprises have faced unprecedented cybersecurity risk in 2020 from increasing attack volume, the pandemic-driven digital transformation of work, and generally deficient cyber preparedness and training, according to a recent industry report.
The Mimecast fifth annual, ‘The State of Email Security’ report, revealed that 78 per cent of organisations in the UAE indicated they had been impacted by ransomware in 2020, a massive increase from 66 per cent of companies reporting such disruption in the previous year’s report.
It also found that companies impacted by ransomware lost an average of six working days to system downtime, with 29 per cent of the companies in the UAE saying downtime lasted one week or more. Additionally, 43 per cent of ransomware victims paid threat actor ransom demands, but only 44 per cent of those were able to recover their data. More than half (56 per cent) never saw their data again, despite paying the ransom.
The report also found that while ransomware was a big problem for organisations in 2020, it wasn’t the only one. Mimecast also revealed additional threat trends, including an increase in email spoofing activity. It revealed that in the UAE, 88 per cent said they are concerned about the risks posed by archived conversations from collaboration tools compared to the 71 per cent globally.
All of these data points can be attributed to the pandemic: work-from-home increased email and collaboration tool usage and threat actors sought to capitalise on the new ‘digital office’ with massive waves of COVID-19-related social engineering attacks.
Despite facing an elevated threat volume, the report found that companies aren’t doing well in the area of threat prevention. In addition to the 86 per cent of local respondents who indicated a lack of cyber preparedness (compared to 79 per cent globally).
As many as half of those surveyed in the UAE said their organisations fall short in one or more critical areas of email security systems (compared to 40 per cent globally), leaving employees open to phishing, malware, business email compromise and other attacks.
Furthermore, 50 per cent of the respondents in the UAE said that employee naiveté about cybersecurity is one of their greatest vulnerabilities, and yet only one in five respondents indicated they have ongoing (more than once per month) security awareness training in place.
Given these factors, it’s not surprising that 75 per cent of survey respondents in the UAE believe their business will be harmed by email attacks in the next year. In 2020, 60 per cent of respondents said they felt this way.