Only 8% of businesses that paid a ransom got all of their data back

2021-04-28 04:30

While the number of organizations that experienced a ransomware attack fell from 51% of respondents surveyed in 2020 to 37% in 2021, and fewer organizations suffered data encryption as the result of a significant attack, the new survey results reveal worrying upward trends, particularly in terms of the impact of a ransomware attack.

"We've seen attackers move from larger scale, generic, automated attacks to more targeted attacks that include human hands-on-keyboard hacking. While the overall number of attacks is lower as a result, our experience shows that the potential for damage from these more advanced and complex targeted attacks is much higher. Such attacks are also harder to recover from, and we see this reflected in the survey in the doubling of overall remediation costs."

"This could be in part because using decryption keys to recover information can be complicated. What's more, there's no guarantee of success. For instance, as we saw recently with DearCry and Black Kingdom ransomware, attacks launched with low quality or hastily compiled code and techniques can make data recovery difficult, if not impossible."

A small, but important 7% said that their data was not encrypted, but they were held to ransom anyway, possibly because the attackers had managed to steal their information.

"Further, the definition of what constitutes a 'ransomware' attack is evolving. For a small, but significant minority of respondents, the attacks involved payment demands without data encryption. This could be because they had anti-ransomware technologies in place to block the encryption stage or because the attackers simply chose not to encrypt the data."

Backups are the main method organizations surveyed used to recover their data after an attack.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/SOPT4zdzoME/

#ransom