Findings from an independent, vendor-agnostic survey of 5,600 IT professionals
in mid-sized organizations across 31 countries, including 422 respondents from
the retail sector.
Sophos’ annual study of the real-world ransomware experiences of IT professionals in the retail sector has revealed an ever more challenging attack environment together with the growing financial and operational burden ransomware places on its victims.
It also shines new light on the relationship between ransomware and cyber insurance, including the role insurance is playing in driving changes to cyber defenses.
About the survey
Sophos commissioned research agency Vanson Bourne to conduct an independent, vendor-agnostic survey of 5,600 IT professionals, including 422 from retail. Respondents were from mid-sized organizations (100-5,000 employees) across 31 countries. The survey was conducted during January and February 2022, and respondents were asked to answer based on their experiences over the previous year.
Ransomware attacks are up over the last year
77% of retail organizations were hit by ransomware in 2021, up from 44% in 2020. This is a 75%
rise over the course of a year, demonstrating that adversaries have become considerably more
capable of executing attacks at scale. In fact, in 2021, retail reported the second highest rate
of ransomware attacks of all sectors surveyed. For comparison, 66% of respondents across all sectors reported being hit by ransomware over the last year. [Note: hit by ransomware was defined as one or more devices being impacted but not necessarily encrypted.]
In addition to reporting an above-average rate of ransomware attacks, retail also had an aboveaverage rate of data encryption with 68% of victims having data encrypted compared to a cross-sector average of 65%. Just 28% of retail respondents said they were able to stop the attack before the data could be encrypted, below the cross-sector average of 31%.
Interestingly, retail reported a considerable drop in extortion-only attacks, down from 12% in 2020 to 3% in 2021. While on the face of it this is good news, at Sophos we have seen an increase in adversaries combining both ransomware and extortion in an effort to increase the success rate of their campaigns. Therefore, this drop likely reflects a change in tactics by the adversaries rather than a move away from data extortion.
The rise in successful ransomware attacks is part of an increasingly challenging threat environment that has affected organizations across all sectors, including retail.
Over the last year, 55% of retail respondents reported an increase in the volume of cyberattacks, 55% reported an increase in attack complexity, and 51% reported an increase in the impact of attacks on their organization. While these numbers are concerning, they are all below the cross-sector average, indicating that retail was less affected than many other sectors.