A leading cyber security firm, Cybereason[1], has announced the results of its third annual ransomware study, commissioned to better understand the true impact of ransomware on businesses. This global study reveals that ransomware attacks are becoming more frequent, effective, and sophisticated.
See: https://redskyalliance.org/xindustry/100-50-1-100-ransomware-gangs-using-50-types-of-malware
The Report Ransomware: The True Cost to Business 2024 reveals that of the organizations who opted to pay a ransom in return for their encrypted systems, only 47% received their data and solutions back uncorrupted.[2]
Key Findings:
- 56 percent of organizations surveyed suffered more than one ransomware attack in the last 24 months.
- It still ‘doesn’t pay to pay’ as almost 80 percent of organizations who paid the ransom were hit a second time.
- 82 percent were hit again within a year.
- 63 percent were asked to pay again
These findings emphasize why it does not pay to pay ransomware attackers, and organizations should instead focus on detection and prevention tactics to end ransomware attacks before material damage occurs.
Cybereason Global Field CISO Greg Day says this year’s research shows that, while most businesses have a ransomware strategy, many are incomplete. “They’re either missing a documented plan or the right people to execute it. As a result, we see that many organizations are paying the ransom.... Likewise, while many have cyber insurance, too many don’t know if, or to what degree, it covers them for ransomware attacks. This is problematic on several levels. It’s no guarantee that attackers won’t sell your data on the black market, that you’ll even get your full files and systems back, or that you won’t be attacked again.”
Other Findings:
- Attackers are evolving, and the supply chain shows weakness. 56 percent did not detect a breach for 3-12 months, and 41 percent of the attackers got in via a supply chain partner.
- Attacker demands increased at every stage; 78 percent were breached a second time, and 63 percent were asked to pay more.
- The actual cost is a staggering 46 percent estimated total business losses of $1-10 million and 16 percent estimated total business losses of over $10 million. Not to mention the loss of revenue, brand damage, and layoffs that followed.
- Businesses lack the right tools. Less than half said their enterprises are adequately prepared for the next attack. While 87 percent of organizations increased spending, only 41 percent feel they have the right people and plans to manage the next attack.
Based on Cybereason's research and their unique threat protection capabilities, it seems clear that in the case of Ransom attacks, prevention is a whole lot better than remediation.
This article is presented at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com
- Reporting: https://www. redskyalliance. org/
- Website: https://www. redskyalliance. com/
- LinkedIn: https://www. LinkedIn. com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] https://www.cybereason.com
[2] https://www.cybersecurityintelligence.com/blog/ransomware-the-true-cost-to-business-7501.html
Comments