The number of ransomware attacks continues to rise, and worse, the number of payouts is also dramatically increasing.
According to a report by cybersecurity company Sophos, two-thirds (66%) of midsize businesses around the world experienced a ransomware attack last year, up from 37% the year before.
Nearly two-thirds (59%) of respondents also said the complexity of attacks had increased, while for more than half (53%) the impact had also increased.
Data restoration
The sharp increase in the value of ransom demands is even more worrying. The global average increased from €170 in 000 to €2020 last year, with 812% of organizations paying more than €000 million in ransom fees.
At the same time, the percentage of organizations paying less than €10 fell from 000% in 34 to 2020% in 21.
Also, more companies are choosing to pay the ransom, even though law enforcement advises otherwise. The report claims that 46% of organizations that suffered a ransomware attack ended up giving in to lawsuits in 2021.
"There can be a number of reasons for this, including incomplete backups or a desire to prevent stolen data from showing up on a public jailbreak site. After a ransomware attack, there is often great pressure to get back up and running as soon as possible. possible," he said. Chester Wisniewski, Principal Researcher at Sophos.
“Restoring encrypted data using backups can be a difficult and time-consuming process, so it can be tempting to think that paying a ransom for a decryption key is a faster option. It is also a risky option. Organizations don't know what attackers may have done, such as adding backdoors, copying passwords, etc. »
"If organizations don't thoroughly clean the recovered data, they will end up with all of this potentially toxic material on their network and potentially open to repeat attacks."