Companies continue to pay multiple ransom demands

Issue 3 2022 News, Cyber Security

Cybereason has published the results of its second annual ransomware study, during a year of unprecedented attacks, to better understand the true impact on businesses. This global study reveals that 73% of companies suffered at least one ransomware attack in 2022, compared with just 55% in the 2021 study.

The study once again finds that ‘it doesn’t pay-to-pay’ a ransom demand, as 80% of companies that paid were hit by ransomware a second time, with 68% saying the second attack came in less than a month and 67% reporting that threat actors demanded a higher ransom amount.

The report, titled Ransomware: The True Cost to Business Study 2022, further revealed that of the companies who opted to pay a ransom demand in order to regain access to their encrypted systems, 54% reported that some or all of the data was corrupted during the recovery process, compared to 46% in 2021, an increase of 17% year-on-year.

These findings underscore why it does not pay to pay ransomware attackers, and that companies should focus on detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy.


Lior Div.

Cybereason CEO and co-founder, Lior Div, says ransomware attacks are traumatic events, and when ransomware gangs attack a second, third or fourth time in a matter of weeks, it can bring an organisation to its collective knees. “Deploying effective anti-ransomware solutions is easier said than done, and the hackers know it.

“After being hit the first time by a ransomware attack, companies need time to assess their security posture, determine what are the right tools to deploy, and then find the budget to pay for it. The ransomware gangs know this, and it is the biggest reason they quickly strike again,” he explains.

Key findings in the research include:

• A weak supply chain leads to ransomware attacks: Nearly two-thirds (64%) of companies believe the ransomware gang got into their network via one of their suppliers or business partners.

• Senior leadership attrition: 35% of companies suffered C-level resignations following a ransomware attack.

• A matter of life and death: Nearly 30% of companies said they paid a ransom because of the risk to human life due to system downtime.

• Ransom demands increase with each attack: Nearly 70% of companies paid a higher ransom demand the second time.

• Ransomware attacks lead to business disruptions: Nearly one-third (31%) of businesses were forced to temporarily or permanently suspend operations following a ransomware attack.

• Layoffs result from ransomware attacks: Nearly 40% of companies laid off staff as a result of the attack.

• Companies don’t have the right tools: 60% of companies admitted that ransomware gangs were in their network up to six months before they discovered them. This points to the double extortion model where attackers first steal sensitive data then threaten to make it public if the ransom demand is not paid.

The full report can be found at https://www.cybereason.com/ransomware-the-true-cost-to-business-2022




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Security BIS named AxxonSoft’s Distributor of the Year 2021
News CCTV, Surveillance & Remote Monitoring
With its focus on AxxonSoft solutions and technical support, Security BIS secured the title of AxxonSoft Distributor of the Year again for 2021.

Read more...
Infinidat enhances channel support
News IT infrastructure
Infinidat drives go-to-market strategy with new global partner portal and expands channel sales with Storage-as-a-Service in ArrowSphere.

Read more...
Arcserve launches N Series appliances
IT infrastructure Cyber Security
Arcserve introduces N Series appliances offering enterprise-level integrated data protection, recovery and cybersecurity to allow customers to simplify their IT environments and secure data.

Read more...
The Handbook of Security’s third edition has been published
News
The third edition of the Handbook of Security, edited by Perpetuity Research director Martin Gill, has been published, containing 45 contributions from leading global scholars.

Read more...
Storage is essential for a comprehensive cybersecurity strategy
Integrated Solutions Cyber Security
Cyber resilience is the ability of an enterprise to limit the impact of security incidents by deploying and arranging appropriate security tools and processes.

Read more...
GJD announces new SMT Machine
News Perimeter Security, Alarms & Intruder Detection
GJD will now be able to complete the manufacture of its products in-house, and thereby significantly decrease the business’ carbon footprint while increasing employment opportunities.

Read more...
Smart home devices market growing across META
Smart Home Automation News
The Middle East, Turkey, and Africa (META) smart home devices market continues to register significant gains on the back of increasing awareness and improving end user experiences, according to the latest insights from International Data Corporation.

Read more...
How to react in an armed robbery or home invasion
Fidelity Services Group Security Services & Risk Management News
How you react when faced with a nervous, gun-toting criminal can save your life, or cost you your life; all family members need to know what to do in such circumstances.

Read more...
To be or not to be, is that the objective?
Iris AI Editor's Choice CCTV, Surveillance & Remote Monitoring News
Gerhard Furter joins a discussion on the nature of sentience in artificial intelligence. Do we actually know what sentience is, or are we overestimating our human capabilities?

Read more...
From the editor's desk: The last CCTV Handbook
Technews Publishing News
Welcome to the CCTV Handbook 2022, I hope the headline caught your eye. This really is the last CCTV Handbook Hi-Tech Security Solutions will ever produce, but it is not the last handbook about surveillance ...

Read more...