The Impact Of Ransomware On South African Businesses In 2023

/in


On top of everything else South African businesses have to worry about, ransomware attacks are becoming more and more of a problem. And an expensive one.

An independent survey commissioned by Sophos reveals that a staggering 78% of South African organisations fell victim to ransomware attacks in the past year, marking a substantial increase from the 51% reported in the previous year’s survey.

This surge surpasses the global average of 66%, highlighting the pressing need for businesses in the region to address the ransomware threat effectively.

Ransomware root causes and attack vectors

Exploited vulnerabilities emerged as the predominant root cause of ransomware attacks in South African organisations, contributing to 49% of incidents. Compromised credentials followed closely, constituting the second most common attack vector, affecting 24% of organisations.

These findings underscore the critical importance of regularly patching vulnerabilities and implementing robust identity and access management practices to mitigate these threats effectively.

A concerning 89% of ransomware attacks in South Africa resulted in data encryption, surpassing the global average of 76%. Furthermore, data theft occurred in 35% of these cases, exceeding the global average of 30%.

However, there is a silver lining: 100% of South African organisations successfully retrieved their encrypted data, slightly outperforming the global average of 97%. This emphasises the importance of maintaining secure and accessible backups.

Ransom payments and recovery

While 45% of South African organisations opted to pay the ransom, this rate showed a slight decline from the previous year’s 49%. Globally, the average ransom payment rate in 2023 stood at 47%. Notably, 24% of South African organisations adopted multiple recovery methods simultaneously, demonstrating the importance of having diversified recovery strategies in place.

One revelation of particular note from the survey was the disclosure of a ransom exceeding $5 million (R97.3 million) paid by one organisation (although it wasn’t named). Excluding ransom payments, the average cost for South African organisations to recover from ransomware attacks…

Source…