Report: 90% of companies affected by ransomware in 2022

An annual SpyCloud survey found that 90% of organizations were impacted by ransomware over the past twelve months, an alarming increase from last year’s 72.5%.

To compile the 2022 Ransomware Defense Report, SpyCloud asked over 300 individuals in active IT security roles at U.S., UK and Canadian organizations with at least 500 employees to evaluate the threat of ransomware, as well as their companies’ cyber readiness, over the past 12 months.

Their insights show that while companies have activated to strengthen their cybersecurity postures across the board in light of the increased threat of ransomware, criminals are becoming more sophisticated, leveraging gaps in security to perpetrate attacks.

Despite increased investment in cybersecurity, over the past year, the relentless tide of ransomware continued to disrupt operations and put organizations’ data at risk. Moreover, organizations were more likely than last year to be impacted more than once: 50% were hit at least twice, 20.3% were hit between 6 and 10 times and 7.4% were attacked more than 10 times.

The growing prevalence of repeat attacks is an indication that popular methods such as data backups –– which respondents saw as their most important ransomware countermeasure –– still leave sensitive data exposed. Once an attack has occurred, retrieving lost data does not prevent attackers from sharing it on the dark web, allowing criminals to use it for future nefarious activities, including their next attack.

Malware hits security defense gaps

Malware preparedness also represents a major gap in organizations’ defenses. IT security teams face a near-total lack of visibility into malware infections on…