A recent survey by KnowBe4 on prevention of ransomware attacks has revealed that antivirus deployment is not enough to ward these off and using a "human firewall" is more necessary. The 2017 Endpoint Protection Ransomware Effectiveness Report says that regular training and phishing attack testing of employees is necessary to counter ransomware, which in the last one year brought the success ratio of such attacks down to 21 percent.

KnowBe4, a provider of security awareness training, found that despite security solutions, 53 percent of organizations have still been a victim of ransomware.

Stu Sjouwerman of KnowBe4 says: “Our research findings are fascinating as they illustrate that most companies are in an arms race to deploy endpoint solutions, such as antivirus protection, but their focus on this investment is leaving massive gaps that can be manipulated. The bottom line: even with antivirus, ransomware is going to get in.”

The company says that any given ransomware attack will, on an average, impact six endpoints and two servers and not just one machine. An attack, it discovered, sets back the victim by 12 hours of user downtime and 12 hours of technology investment.