Yes, Ransomware is Still a Huge Problem

/in


Ransomware has been a growing plague on businesses for nearly a decade. And data shows it is increasing. New research from Sophos finds 76% of ransomware attacks resulted in the criminals successfully encrypting data. This is the highest rate of data encryption from ransomware since Sophos began its annual State of Ransomware reports in 2020. 

The latest edition of the report debunks the idea that ransomware is holding steady or even declining. In fact, 67% of organizations were hit by ransomware in 2022. This reveals rates of encryption have returned to very high levels after a temporary dip during the pandemic, as crews have refined their methodologies of attack.

“The bottom line is there are so many poorly defended targets there is endless supply,” said Chester Wisniewski, field chief technology officer at Sophos. “Ransomware gangs aren’t doing anything sophisticated. People are just so poorly defended and almost all victims are badly patched.” 

Data encryption from ransomware is at the highest level in four years, according to the report. In 30% of cases where data was encrypted, data was also stolen, suggesting this “double dip” method (data encryption and data exfiltration) is becoming commonplace for ransomware gangs. 

Paying the ransom? Then expect to pay more overall 

While many organizations panic in an attack and pay the ransom, hoping to avoid too much damage, the study finds that is a bad idea. The research reveals that 46% of respondents who were victims of data encryption in an attack paid the ransom and got data back.  But those victims that paid the ransom to get their data back saw their non-ransom recovery costs double ($750,000 in recovery costs versus $375,000 for organizations that used backups to get data back). Wisniewski said it is important to note that figure does not include the ransom cost, so victims end up paying much more once the dollar amount of the ransom is factored in.

Paying the ransom usually leads to longer recovery times. The report reveals 45% of victims that used backups recovered within a week, compared to just 39% of those that paid the ransom. 

“The increase in cost for many can partly be attributed…

Source…