Ransomware is a major security issue and one of the most common kinds of cybercrime today. The advent of ransomware has resulted in numerous high-profile attacks that have crippled crucial infrastructure and brought important supply chains to a halt. News stories feature groups brazenly demanding ransom for data being held hostage every day. The ransomware threat is evolving faster than businesses can keep up with it. Robert Lemo’s post at Dark Reading discusses the escalating ransomware threat.
Sophos Research Findings
Even though more businesses are backing up their data or paying ransom demands, data retrieval after paying the ransom was lower in 2021 than in 2020. In its “State of Ransomware 2022” study, Sophos discovered that 66 percent of polled businesses had faced ransomware attacks in 2021. Meanwhile, 43 percent of companies experienced an actual attack that encrypted data. According to the Sophos analysis, the number of companies hit by cyberattacks more than doubled last year. Additionally, the average ransomware payment more than quadrupled to $812,000. Ransoms of over $2 million were paid by companies in the energy and industrial industries. Extortion costs are insignificant in comparison to the losses endured by companies due to the cyberattacks.
Paying Ransom Is a Bad Investment
Sopho’s data-recovery statistics show that paying ransoms is a lousy investment. 99 percent of businesses were able to retrieve part of their data (about 61 percent). While 46 percent of companies paid a ransom, just 4 percent had all their data recovered. The number is down from 8 percent in 2020. The Sophos poll claims that the average infected healthcare business paid $197,000, while the average compromised state or local government spent $214,000 in ransom in 2020.
Cyber Insurance Is Becoming an Incentive for Ransomware
According to a Sophos study, most businesses (94 percent) did not qualify for cyber insurance, and virtually all (97 percent) had to make adjustments to their defenses in order to qualify for coverage. Per the study, 98 percent of ransomware-stricken enterprises received a refund under their cyber-insurance policies. Meanwhile, just 77 percent received reimbursements for clean-up costs, and only 40 percent of the policies paid the ransoms.
To read the original article, click on https://www.darkreading.com/attacks-breaches/ransomware-crisis-deepens-data-recovery-stalls