State of ransomware in financial services
Ransomware is a scourge suffered by organizations across the industry spectrum, but financial services continues to be particularly hard hit, according to the latest Sophos report on The State of Ransomware in Financial Services.
Ransomware is nothing new to financial industry cybersecurity professionals, who have seen these attacks wreak havoc on institutions big and small for more than half a dozen years. And in recent months, ransomware attacks have stepped up, putting them front and center for the industry.
Indeed, financial IT security professionals and researchers alike have pointed out how ransomware attacks are not only becoming more pervasive, but more sophisticated — creating a wave of new threats that even the most security-conscious banks and investment firms are hard-pressed to stop.
Rise in ransomware attacks against financial services
In 2021, more than half (55%) of financial service firms were victims of at least one ransomware attack, up from 34% the previous year, representing a 62% rise in these threats in just one year, according to Sophos’ report. The study was derived from research Sophos commissioned with Vanson Bourne, which surveyed 5,600 IT professionals, including 444 from financial services in the first two months of 2022.
Among the report’s key findings:
- Ransomware attacks on financial services increased – 55% of organizations were hit in 2021, up from 34% in 2020.
- The increased attack rate is part of a cross-sector, global trend. Even though the attack rates are higher in 2021, financial services reported the lowest attack rates of all sectors.
- Financial services reported the second-lowest rate of data encryption at 54%. The global average was 65%, for comparison.
- 52% of financial services organizations paid the ransom to restore data, which is higher than the global average of 46%.
- The amount of data restored by financial services has remained constant at 63% across 2020 and 2021; the global average is 61%. However, the percentage of financial services organizations that got ALL their encrypted data back went up from 4% in 2020 to 10% in 2021. For comparison, the global average in 2021 was just 4%.
- The rate of ransom payment by the financial services…
