2022-06-16 00:00:00

Securitybackup|cybercriminals|network|payment|ransomware

Something is terribly wrong: 66% of organizations hit by ransomware in 2021

Ransomware attacks into organizations' IT systems have been around in their current form for about 10 years, but it looks like the problem is still getting worse. Cybercriminals made a new record in successful ransomware attacks in 2021 when they managed to break into 66% of mid-sized organizations' computer networks.

Cybersecurity consultancy Sophos conducted an extensive survey about ransomware incidents among mid-sized organizations across the world. Altogether, 5600 organizations responded, but only 965 shared the payment details.

The disturbing highlight of the survey is that two thirds (66%) of organizations have been victims of ransomware attacks. The number is so high that we can safely assume practically every organization will be hit, and a number of organizations will be hit twice or more.

Other highlights from the Sophos 2022 ransomware survey:

  • 46% of ransomware victims paid to criminals, although many of them had backup data.
  • More than half (54%) of victims did not pay the ransom.
  • The average ransomware payment was 812,360 dollars - note that the survey covered mid-sized organizations only. The trend points up, however, since over million dollar payments increased three times more frequent from previous year.
  • 86% of enterprise victims had lost business and/or revenue because of a ransomware attack.
  • The average time to recover from an attack was one month with an average cost of 1.4 million dollars.
  • 83% of organizations have insurance that covers cybercrime. In 98% of ransomware cases, the insurance covered all or some of the costs.
two routers in small business office
Small organization network equipment.

Why cybercriminals manage to break into so many organizations?

A ransomware attack is typically initiated with an virus-like program that is sneaked in an organization's network. Phishing - using social engineering to convince an employee to install a malicious program is the most popular method. The malicious piece of software can also infiltrate to a network from a USB stick, innocent-looking web page link, or from a mobile phone app store. There are so many ways that it is practically impossible to prevent every method.

Another reason why cybercriminals succeed is availability of tools and services. Criminals who don't have technical skills can buy ransomware attacks as a service. Perhaps the time we are living now will be remembered as the golden era of cybercrime when it was easy to make millions of dollars simply by using tools available.

Unbelievable: 66% of mid-sized organizations are ransomware victims. I can't think of any other type of crime that has methods to facilitate breaking into so many protected places as cybercrime.

There must be something terribly wrong with 46% of ransomware victim organizations that decided to pay the ransom. Perhaps they weren't sure what the status of backup data was, and how long it would take to recover the data.

At the same time, security professionals are working hard to lock down internal networks, educate users, and restrict access to internal resources. They are probably asking: What can we learn from those 54% of ransomware victims who didn't pay the ransom, but trusted they can quickly and safely recover on their own? One can assume that organizations that didn't pay must have been absolutely sure they had everything backed up, they had executed a dry-run recovery process so they knew how long it roughly takes, and they had a step by step plan for recovery.

The latest trend in IT security is Zero Trust -model. The rough overall idea is to verify every connection even after a user has successfully been authorized to the internal network. Artificial Intelligence is already applied to cybersecurity, and will be used more as the technology matures.


The Sophos State of Ransomware 2022 survey was conducted in January and February 2022. It consisted of interviews of 5,600 IT decision makers in 31 countries: the US, Canada, Brazil, Chile, Colombia, Mexico, Austria, France, Germany, Hungary, the UK, Italy, the Netherlands, Belgium, Spain, Sweden, Switzerland, Poland, the Czech Republic, Turkey, Israel, UAE, Saudi Arabia, India, Nigeria, South Africa, Australia, Japan, Singapore, Malaysia, and the Philippines. Only mid-sized organizations between 100 and 5,000 employees were included.

News

2025-01-15 08:59:00

Not to mention travel – when real life experiences in a destination don’t match the expectations and everything that can go wrong, goes wrong. Well, that’s the beauty of #travel. #Europehttps://klaava.com/nitpickers-travel-journal-travel-lessons-learned-in-2024/


News

2025-01-11 13:25:00

A conclusion from the Traffic Scorecard 2024 results is it takes about double the time to drive along the streets of London (the most congested city in #Europe) than the streets of Munich, which is ranked the 21st most congested European city. #traffic #travelhttps://klaava.com/the-cities-in-europe-where-people-are-stuck-in-traffic-most-often/


A shop dedicated to tasty juice

2025-01-09 14:04:10

arihak

A shop dedicated to tasty juice


in the busy old town center.

2025-01-08 16:16:08

in the busy old town center.


News

2025-01-07 14:56:00

A reminder for keeping your data safe when traveling. Why? It is likely that you have to access your most critical data in risky situations on the road.https://cybernews.com/privacy/how-to-protect-your-sensitive-information-while-traveling/


News

2025-01-02 16:33:00

What about the scenery, you who are hurrying to the other side?#streetphotography#streetphoto


News

2025-01-01 16:06:00

According to a survey, third of travelers are victims of online booking scams. Since it is so convenient to make travel reservations online, that’s what we do. The problem is that we haven’t adopted new methods to avoid online scams. #travel #scamhttps://klaava.com/a-traveler-is-more-likely-to-get-scammed-when-booking-a-trip-than-being-robbed-in-a-destination/


Perhaps road builders had too much time?

2024-12-29 15:19:44

Perhaps road builders had too much time?


News

2024-12-27 18:25:00

#Photography is full of so-called “rules” that can feel overwhelming. However, some of these “rules” are downright myths.https://www.diyphotography.net/debunking-seven-common-myths-photographers-still-believe-in/


What should I read next?

2024-12-25 15:18:22

arihak

What should I read next?


News

2024-12-23 11:34:00

Since #EU #DMA has specified #Apple as a #gatekeeper in #mobile devices, EU considers Apple should implement several iOS connectivity features, predominantly used for and by connected devices. For instance, notifications, automatic Wi-Fi connection, AirPlay, AirDrop, or Bluetooth audio switching.https://digital-markets-act.ec.europa.eu/commission-seeks-feedback-measures-apple-should-take-ensure-interoperability-under-digital-markets-2024-12-19_en


News

2024-12-21 14:51:00

Smartphone users in the US are not impressed with the latest artificial intelligence features on their devices with 73 percent of Apple users and 87 percent of Samsung users unsatisfied, according to a new study. #phone #AIhttps://petapixel.com/2024/12/19/majority-of-smartphone-users-are-unimpressed-with-ai-features-study-finds/


There should be enough ice already to open the hotel

2024-12-20 16:40:17

There should be enough ice already to open the hotel


Hiking on a mountain experience: the end of an ancient tunnel

2024-12-09 14:12:31

arihak

Hiking on a mountain experience: the end of an ancient tunnel


on a hot summer day

2024-12-02 18:47:01

on a hot summer day


Cloudy day in a valley

2024-11-25 16:31:59

arihak

Cloudy day in a valley


In the shade of a lone palm tree

2024-11-25 15:46:29

In the shade of a lone palm tree


an abandoned town?

2024-11-07 18:35:22

an abandoned town?


A quiet moment between heavy rain

2024-10-24 17:34:45

A quiet moment between heavy rain


Everyone loves a pretty mountain scenery

2024-10-24 16:54:02

arihak

Everyone loves a pretty mountain scenery