CEM REPORT, ICT | Hackers have succeeded in encrypting the data of organisations in 76 per cent of ransomware attacks, a report has said.
This signals that high rates of encryption have returned after a temporary dip during the pandemic.
According to the Sophos annual report tagged, “State of Ransomware 2023,” Overall, 66 per cent of the organisations surveyed were attacked by ransomware, the same percentage as the previous year.
The report added that 46 per cent of organisations surveyed had their data encrypted and paid the ransom.
The survey also revealed that when organisations pay ransom to get their data decrypted, they ended up doubling their recovery costs to as much as $750,000, adding that paying the ransom usually means longer recovery times.
According to Field CTO at Sophos, Chester Wisniewski, ransomware crews have been refining their methodologies of attack and accelerating their attacks to reduce the time for defenders to disrupt their schemes.
He added that when analysing the root cause of ransomware attacks, the most common was an exploited vulnerability, followed by compromised credentials.
Furthermore, he noted that more than half of businesses with revenue of $500 million or more paid the ransom, with the highest rate reported by those with revenue over $5 billion.
Wisniewski explained that this could partially be because larger companies are more likely to have a standalone cyber insurance policy that covers ransom payments, “
“Incident costs rise significantly when ransoms are paid. Most victims will not be able to recover all their files by simply buying the encryption keys. They must rebuild and recover from backups as well. Paying ransoms not only enriches criminals, but it also slows incident response and adds cost to an already devastatingly expensive situation.”
Sophos is a global leader in innovation and delivery of cybersecurity-as-a-service. It has been conducting and issuing ransomware survey reports since 2020.