Mitigating ransomware attacks in SA organisations

/in


A recent independent, vendor-agnostic survey of 200 IT professionals in medium-sized organisations in South Africa painted a rather dismal picture of the effects of ransomware on the respondents’ organisations.

As part of the larger project undertaken by an independent research company for Sophos, the resulting report – The State of Ransomware 2023 – discussed the findings from interviews with 3 000 IT/cyber security leaders across 14 countries.

Conducted between January and March this year, the survey covered the experiences of the respondents over the past 12 months regarding ransomware. One of the key findings was that there was a considerable increase in the number of South African organisations affected by ransomware attacks in the past year.

“It is very sobering to realise that there was a 27% increase in organisations affected by ransomware attacks, from last year’s 51%. And this is higher than the global average of 66%, indicating that South African organisations are indeed very vulnerable to attack,” says Charleen Rheeder, Product Manager and Shared Service Support from the Elvey Group (part of the Hudaco Group of companies), local distributor of Sophos technology.

A staggering 89% of all attacks in SA resulted in data being encrypted, which again is higher than the global average – at 76%. It is also significantly higher than the figure – just 12 months previously – where data was encrypted in 45% of data in South African attacks. In addition, data was stolen in 35% of these attacks, higher than the global average of 30%.

“Where South Africa did outshine the global market was in the complete recovery of encrypted data, which is 3% better than the global average. Furthermore, there was a decrease in 4% of affected organisations paying the ransom, bringing it to 2% lower than the global average of 47%. Sadly, though, two local organisations paid a hefty ransom of over $5 million each,” says Rheeder.

The average cost (excluding ransom payments) of recovery from a ransomware attack was reported at $750 000, including downtime costs, lost business opportunities, device costs, people costs and network costs.

According to the report, it is far cheaper to…

Source…