Source: www.databreachtoday.com – Author: 1
Fraud Management & Cybercrime
,
Next-Generation Technologies & Secure Development
,
Ransomware
How Attacks Have Changed; New Insights Into How an Attack Affects the Business
Sally Adam
The fifth annual Sophos State of Ransomware Report reveals the real-world ransomware experiences of 5,000 organizations around the globe, from root cause through to severity of attack, financial impact and recovery time.
See Also: Gartner Magic Quadrant for Single-Vendor SASE
Based on the findings of a survey of IT/cybersecurity leaders across 14 countries, this year’s report combines year-on-year insights with brand-new areas of study. It includes a deep dive into ransom demands and ransom payments and shines new light on the role of law enforcement in ransomware remediation.
Download the report to get the full findings, and read on for a taster of some of the topics covered.
- Attack rates are down, but recovery costs are up.
Of those surveyed, 59% of organizations were hit by ransomware last year. That’s a small but welcome drop from the 66% reported in both the previous two years. While any reduction is encouraging, with more than half of organizations experiencing an attack, this is no time to lower your guard.
Image: Sophos While the attack rate has dropped over the last year, overall recovery costs – excluding any ransom payment – have soared to $2.73 million, a 50% increase from the $1.82 million reported in 2023.
- Full estate encryption is rare.
On average, just under half – 49% – of an organization’s computers are affected by a ransomware attack. Having your full environment encrypted is extremely rare; only 4% of organizations reported that 91% or more of their devices were affected.
Image: Sophos - More than half of victims now pay the ransom.
For the first time, more than half – 56% – of the organizations that had data encrypted admitted to paying a ransom to recover that data. The use of backups has dropped slightly from last year – 68% vs. 70% – while 26% used “other means” to get data back, including working with law enforcement or using decryption keys that had already been made public.
Image: Sophos A notable change over the last year is the increase in propensity for victims to use multiple approaches to recover encrypted data – e.g., paying the ransom and using backups. Almost half of organizations that had data encrypted – 47% – reported using more than one method this time around. That’s more than double the rate reported in 2023 – 21%.
- Ransom payments have soared, but victims rarely pay the initial sum demanded.
Of those surveyed, 1,097 respondents whose organizations paid the ransom shared the actual sum paid, revealing that the average or median payment has increased fivefold over the last year, from $400,000 to $2 million.
While the ransom payment rate has increased, only 24% of respondents say that their payment matched the original request – 44% paid less than the original demand, while 31% paid more.
Image: Sophos
For more insights into ransom payments, and many other areas, download the full report
About the Survey
The report is based on the findings of an independent, vendor-agnostic survey commissioned by Sophos of 5,000 IT/cybersecurity leaders across 14 countries in the Americas, EMEA and Asia-Pacific. All respondents represent organizations with between 100 and 5,000 employees. The survey was conducted by research specialist Vanson Bourne between January and February 2024, and participants were asked to respond based on their experiences over the previous year. Within the education sector, respondents were split into lower education – catering to students up to 18 years old – and higher education – for students more than 18 years old.
Original Post url: https://www.databreachtoday.com/blogs/state-ransomware-2024-p-3622
Category & Tags: –
