Skip to content
NGTEdu Logo

NGTEdu

A PRODUCT OF NGTECH.CO.IN

NGTEdu Logo

NGTEdu

  • Home
  • Cyber Attacks
  • Malware
  • Vulnerabilities
  • Data Breach
  • Home
  • Cyber Attacks
  • The State of Security: Ransomware
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

The State of Security: Ransomware

4 years ago Tripwire Guest Authors
The State of Security: Ransomware

Sophos Labs recently released its annual global study, State of Ransomware 2022, which covers real-world ransomware experiences in 2021, their financial and operational impact on organizations, as well as the role of cyber insurance in cyber defense.

The report, which surveyed 5,600 IT professionals in mid-sized organizations across 31 countries, shows that ransomware attacks are increasing and becoming more sophisticated. In 2021, 66% of organizations were hit with ransomware, an increase of 29% compared to 2020.

Cybercriminals are finding more complex ways to launch ransomware attacks. An average of 57% of the companies surveyed reported an increase in the volume of attacks, and 59% said the complexity of attacks had increased. With the everything-as-a-service model, even those criminals without the skills and financing required to deploy a unique ransomware attack can use ready-made packages.

What’s worse is cybercriminals are becoming more successful at encrypting data in ransomware attacks. In 2021, data was encrypted in 65% of the attacks, an increase of 11% compared to the 54% success rate in 2020. However, extortion-only attacks saw a reduction from 7% to 4% — attacks where the attackers don’t encrypt data, but exfiltrate it and threaten to publicly publish it as the ransom method.

The Cost of Ransom Payments is Increasing

Ransom payments are becoming inflated. The number of organizations that paid a ransom of $1 million or more rose to 11%, up from 4% in 2020. Whereas the percentage of organizations paying less than $10,000 dropped from 34% in 2020 to 21% in 2021.

More organizations are choosing to pay the ransom to get their data back. 46% of the survey respondents paid the ransom to decrypt the data impacted by ransomware. 26% of organizations that had other options for recovering their data, such as backups, still chose to pay the ransom. As a result, the total ransom paid in 2021 rose by a factor of 4.8, from $170,000 in 2020, to $812,360.

The percentage of data restored after paying the ransom has dropped. Forty-six percent of organizations who paid the ransom only got 61% of their data back, down from 65% in 2020. Only 4% of organizations got all of their data restored after paying the ransom, down from 8% in 2020.

Increased Operational Impacts of Ransomware

Ransomware attacks have a significant impact on the operations of affected companies. In the study, 53% of the organizations said the impact of attacks had increased. And a total of 90% of the victims stated that the attack had impacted their operations. 86% of companies in the private sector reported that the attack had resulted in the loss of business and/or revenue.

On average, organizations that suffered a ransomware attack took one month to recover from the damage and disruption. The average cost of remediating ransomware attacks fell to $1.4 million in 2021. The average cost of recovering from attacks was $1.85 million in 2020.

According to the report, a few factors that may have played a role in the decrease of costs in 2021 include:

  • Ransomware attacks have become more prevalent.
  • Remediation costs have been reduced because insurance providers can help their customers rectify threats quickly and effectively.
  • The reputational damage of ransomware attacks has been reduced.

Companies are Getting Better at Restoring Data

The report notes that organizations are better prepared at restoring data in the event of a ransomware attack. Almost all the organizations hit by ransomware in 2021 (99%) managed to get some of their encrypted data back, up from 96% in 2020.

About half of the companies surveyed (44%) reported using multiple approaches to maximize the speed of restoring their data. More than 73% used backups to restore data, 46% said they paid ransom to restore it, while 30% used other means to restore their data including using decryption tools.

Industries that had the highest use of backups included media, leisure, and entertainment, followed by energy, oil/gas, and utilities.

The Role of Cyber Insurance

Many companies rely on insurance to help them recover from a ransomware attack. Organizations reported that insurance paid 77% cleanup costs and 40% ransom in 98% of the incidents. However, while 83% of organizations had cyber insurance, 34% had exclusions and exceptions in the policy.

Organizations hit by ransomware attacks over the last year are more likely to have insurance coverage compared to those that didn’t experience an attack. Among those hit, 89% had cyber insurance compared to 70% that were not hit. Sophos highlights three possible reasons:

  • Organizations hit by a ransomware attack may seek cover to help mitigate the impact of future attacks.
  • Cybercriminals target companies protected by the insurance coverage to maximize their chances of a ransom payout.
  • Companies seek cover to balance known weaknesses in their defenses.

Organizations with a large number of employees are also more likely to have insurance coverage. On average, 83% of the companies with 3,001 to 5,000 employees had insurance, compared to 73% of companies with 100 to 250 employees.

It’s becoming more difficult to secure cyber insurance coverage. Most companies (94%) said their experience of securing cyber insurance has changed over the last 12 months in the following ways:

  • The process is longer.
  • Organizations offering insurance protection are very few.
  • There’s a higher demand for cybersecurity measures.
  • Policies are complex or expensive.

This is understandable, as insurers are not going to write a policy for an organization that is not taking action to prevent an attack.

Conclusion

This latest report sheds new light on the problem of ransomware. The percentage of organizations directly impacted by ransomware has increased significantly over the last year. Consequently, companies have had to adopt different approaches to help in combating the impact of attacks. Nearly everyone affected (99%) got some of the encrypted data back, with two-thirds restoring affected data from backups.

More organizations are purchasing cyber insurance to help with the financial risks of an attack. However, it’s becoming difficult to acquire coverage, and even though the insurance pays some of the ransom in almost all claims the proportion of encrypted data given back has dropped.

The findings of the report can be used as a blueprint for organizations that need to augment their security against ransomware attacks. Organizations should not only invest in the right technology but also have the skills and know-how to implement it effectively. They should also seek to partner up with experts who can help get the most return out of their cybersecurity investments and elevate their defenses.

About the Author: Mary Manzi is a Hubspot certified cybersecurity marketing professional. her work has appeared on various cybersecurity websites such as Geekflare and Silentbreach.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

The post ” The State of Security: Ransomware” appeared first on TripWire

Source:TripWire – Tripwire Guest Authors

Tags: Encryption, High Severity, Malware, Medium Severity, Ransomware, TripWire, Vulnerability

Continue Reading

Previous MIT Researchers Discover New Flaw in Apple M1 CPUs That Can’t Be Patched
Next Iranian Hackers Spotted Using a new DNS Hijacking Malware in Recent Attacks

More Stories

  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery

10 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Vulnerabilities

CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk

11 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities

12 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach

How Samsung Knox Helps Stop Your Network Security Breach

14 hours ago [email protected] (The Hacker News)
  • Cyber Attacks
  • Data Breach
  • Malware
  • Vulnerabilities

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

16 hours ago [email protected] (The Hacker News)
  • Critical Vulnerability
  • Data Breach
  • Vulnerabilities

Claude Opus 4.6 Finds 500+ High-Severity Flaws Across Major Open-Source Libraries

19 hours ago [email protected] (The Hacker News)

Recent Posts

  • China-Linked DKnife AitM Framework Targets Routers for Traffic Hijacking, Malware Delivery
  • CISA Orders Removal of Unsupported Edge Devices to Reduce Federal Network Risk
  • Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
  • How Samsung Knox Helps Stop Your Network Security Breach
  • Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Tags

Android APT Bug CERT Cloud Compliance Coronavirus COVID-19 Critical Severity Encryption Exploit Facebook Finance Google Google Chrome Goverment Hacker Hacker News High Severity Instagram iPhone Java Linux Low Severity Malware Medium Severity Microsoft Moderate Severity Mozzila Firefox Oracle Patch Tuesday Phishing Privacy QuickHeal Ransomware RAT Sim The Hacker News Threatpost TikTok TripWire VMWARE Vulnerability Whatsapp Zoom
Copyright © 2020 All rights reserved | NGTEdu.com
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More here.Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT