Companies continue to pay multiple ransom demands

Issue 3 2022 News & Events, Information Security

Cybereason has published the results of its second annual ransomware study, during a year of unprecedented attacks, to better understand the true impact on businesses. This global study reveals that 73% of companies suffered at least one ransomware attack in 2022, compared with just 55% in the 2021 study.

The study once again finds that ‘it doesn’t pay-to-pay’ a ransom demand, as 80% of companies that paid were hit by ransomware a second time, with 68% saying the second attack came in less than a month and 67% reporting that threat actors demanded a higher ransom amount.

The report, titled Ransomware: The True Cost to Business Study 2022, further revealed that of the companies who opted to pay a ransom demand in order to regain access to their encrypted systems, 54% reported that some or all of the data was corrupted during the recovery process, compared to 46% in 2021, an increase of 17% year-on-year.

These findings underscore why it does not pay to pay ransomware attackers, and that companies should focus on detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy.


Lior Div.

Cybereason CEO and co-founder, Lior Div, says ransomware attacks are traumatic events, and when ransomware gangs attack a second, third or fourth time in a matter of weeks, it can bring an organisation to its collective knees. “Deploying effective anti-ransomware solutions is easier said than done, and the hackers know it.

“After being hit the first time by a ransomware attack, companies need time to assess their security posture, determine what are the right tools to deploy, and then find the budget to pay for it. The ransomware gangs know this, and it is the biggest reason they quickly strike again,” he explains.

Key findings in the research include:

• A weak supply chain leads to ransomware attacks: Nearly two-thirds (64%) of companies believe the ransomware gang got into their network via one of their suppliers or business partners.

• Senior leadership attrition: 35% of companies suffered C-level resignations following a ransomware attack.

• A matter of life and death: Nearly 30% of companies said they paid a ransom because of the risk to human life due to system downtime.

• Ransom demands increase with each attack: Nearly 70% of companies paid a higher ransom demand the second time.

• Ransomware attacks lead to business disruptions: Nearly one-third (31%) of businesses were forced to temporarily or permanently suspend operations following a ransomware attack.

• Layoffs result from ransomware attacks: Nearly 40% of companies laid off staff as a result of the attack.

• Companies don’t have the right tools: 60% of companies admitted that ransomware gangs were in their network up to six months before they discovered them. This points to the double extortion model where attackers first steal sensitive data then threaten to make it public if the ransom demand is not paid.

The full report can be found at https://www.cybereason.com/ransomware-the-true-cost-to-business-2022




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
From QR code to compromise
Information Security News & Events
A new attack vector involves threat actors using fraudulent QR codes emailed in PDF attachments to bypass companies' phishing security measures by requiring users to scan the code with their mobile phones.

Read more...
Boost revenue streams for MNOS
News & Events Security Services & Risk Management Financial (Industry)
ReveNet has introduced its new solution, designed to safeguard and potentially boost revenue streams in an increasingly challenging landscape for MNOS. The new platform combines advanced analytics and is built on trust, transparency, and sustainability principles.

Read more...
Here’s to a SMART 2025
SMART Security Solutions Editor's Choice News & Events
This is the final news brief from SMART Security Solutions for 2024, and the teams would like to take this opportunity to thank our readers, advertisers and partners and wish everyone a safe and secure festive season.

Read more...
Organisations fear AI-driven cyberattacks, but lack key defences
Kaspersky Information Security News & Events Training & Education
A recent Kaspersky study reveals that businesses are increasingly worried about the growing use of artificial intelligence in cyberattacks, with 56% of surveyed companies in South Africa reporting a rise in cyber incidents over the past year.

Read more...
South African SMBs chart growth amid economic uncertainties
News & Events
Survey shows that business confidence among South African SMBs remains strong at 78%, but opportunities abound to boost productivity and accelerate digital transformation. Additionally, AI adoption has gained traction, with two-thirds of South African SMBs investing in AI over the past year.

Read more...
Smart surveillance and cyber resilience
Axis Communications SA Surveillance Information Security Government and Parastatal (Industry) Facilities & Building Management
South Africa’s critical infrastructure sector has to step up its game regarding cybersecurity and the evolving risk landscape. The sector has become a prime target for cybercriminals on top of physical threat actors, and the consequences of an incident can be far-reaching.

Read more...
ONVIF launches new online learning initiative
Training & Education Surveillance News & Events
ONVIF has released the first course in a new online learning initiative designed to promote greater knowledge and understanding of ONVIF's workings. The first “Introduction to ONVIF” course is now available.

Read more...
Gallagher Security opens Cape Town office
Gallagher News & Events Access Control & Identity Management
Acknowledging a significant period of growth for the company in South Africa, opening a second office will enable Gallagher to increase its presence across the region with staff based in Johannesburg and Cape Town.

Read more...
Physical security technology trends to watch in 2025
Technews Publishing News & Events
There are some exciting developments and significant changes, some technical and some operational, taking place in the market that security professionals should be aware of as they plan for the year ahead.

Read more...