CybersafetyConnections May 9, 2022, Vol#66

  • We are back to our old favorite cyber threat; Ransomware Rage.
  • Ransom payment amount has increased.
  • Cybersecurity resources are sufficient for some firms yet they have been affected by ransomware.
  • The effect of ransomware on data, operations, revenue, and reputation can be costly.
  • Remediation cost of ransomware attacks and how to fight these attacks.

Ransomware Rage

Photo:Free vector graphic on pixabay

Malware Ransomware Scam – Free vector graphic on Pixabay

This week’s blog is based on Sophos’sState of Ransomware 2022” report.

The report is on the impact of ransomware on businesses and how to protect against these ransomware attacks.

5,600 IT professionals in mid-sized businesses (100-5,000 employees) from about 31 countries participated in the survey. Sophos carried out the survey from January to February 2022 and inquired about victims’ encounters with ransomware in 2021.

Of the people that were asked 66% reported suffering ransomware attacks in 2021 compared to 37% in 2020. The increase can be attributed to the cybercriminals increasing their cyberattacks and using Ransomware -as-a Service model that makes it possible for people with little experience to carry out these attacks. 

Attackers have become very good at encrypting data in their ransomware attacks which was the case in 65% of the attacks in 2021 compared to 54% in 2020. There was a drop to 4% from 7% for attackers that do not encrypt data during ransomware attacks and just demand ransom.

Ransom Payments

Photo by courtesy graphic

Victims of ransomware attacks have to decide whether to pay the ransom or not. Paying the ransom does not guarantee the return of all data. About 46 % of the victims paid the ransom and even then received just 61% of their data in 2021 which is down from 65% in 2020. Only 4% got all their data in 2021 compared to 8% in 2020.

In the past year, the ransom amount increased.965 respondents shared how much ransom they paid which showed an increase year over year. For victims who paid more than 1 million, there was an increase of 11% compared to 4% in 2020. And for victims that paid less than $10,000, there was a decrease to 21% in 2021 compared to 34% in 2020.

The average ransom amount in 2021 was $812, 360 which is about five times the $170,000 amount for 2020.

Cybersecurity staff and budget

Some of these victims have more than enough cybersecurity budget and staff yet were impacted by ransomware.64% had more than enough cybersecurity budget and 65% had more than enough staff. The issue is how to use the resources available to fight ransomware attacks.

Impact on operations, business and revenue

The attacks disrupted operations for 90% of the respondents and loss of business or revenue for 86% of respondents.

The cost of remediation is down due to cyber insurance bearing a larger share of the cost. This cost was $1.4 million in 2021 compared to $1.85 million in 2020. The time to recover from the attack was about a month.

How to tackle ransomware attacks

antivirus firewall status security public domain image – FreeIMG

There are ways to prevent disruptions, reputational damage, and mitigate the cost and loss from ransomware attacks.

Here are Sophos tips on fighting ransomware attacks.

  • Make sure you deploy effective security protection at all points in your organization and environment. Regularly evaluate your security defenses to ensure that they continue to meet your needs.
  • Proactively look for potential threats so that you can stop an attack before it causes damage. If you lack the necessary time or resources in-house, outsource this task to a provider skilled in managed detection and response.
  • Strengthen your environment by scanning for and closing security gaps, such as unpatched devices, unprotected machines, and open RDP ports. An extended detection and response tool can help with this task.
  • Expect and prepare for the worst. Determine ahead of time what you need to do and who you need to contact if and when an attack occurs.
  • Regularly back up your sensitive files and practice the method used to recover and restore them. The goal is to try to get your business up and running as quickly as possible to minimize downtime.

Subscribe to get the latest post.