Security News
Businesses are losing the battle when it comes to defending against ransomware attacks, according to a Veeam report, which found that 72% of organizations had partial or complete attacks on their backup repositories, dramatically impacting the ability to recover data without paying the ransom. Paying the ransom doesn't guarantee data recovery.
The findings of the second edition of the report indicate that the ransomware empire kept its winning streak going with the average ransom demand growing by 45% to reach $247,000 in 2021. In addition to the analysis of more than 700 attacks investigated, the report also examines ransomware DLS. Human-operated ransomware attacks have maintained the global cyber threat landscape lead by solid margins over the last three years.
Researchers analyzing the collateral consequences of a ransomware attack include costs that are roughly seven times higher than the ransom demanded by the threat actors. Ransomware attacks typically involve stealing data from the company and encrypting systems to pressure the victim into paying to decrypt files and to avoid a data leak.
In Q4, the rate of ransomware claims reached just half of the peak seen in Q1 2021 - decreasing from 0.6% to 0.3%. While the Q3 2021 average ransom paid was atypically high, the entire 2021 ransoms paid by quarter average was ~$167k, 44.2% less than the Q3 figure. The percentage for the last quarter of 2021 held steady in the low twenties, down significantly from figures that once were over 50%. As recently as Q3 2020, the ratio was 44%. This decrease in cost and severity can be partially attributed to underwriting entities requiring stronger backups for insurance coverage, which is helping to drive the broader trend toward more sophisticated and resilient approaches to mitigating ransomware risk.
It should be noted that RDDoS attacks are launched by a different type of threat actors than ransomware gangs, who use DDoS to add more pressure on the victim on top of file encryption and the threat to publish stolen data. Cloudflare reports that ransom DDoS attacks have dropped drastically in 2022, with only 17% of its DDoS-targeted clients reporting an extortion in January, 6% in February, and just 3% in March.
Most organizations have been hit by ransomware in 2022, and most of those opted for paying the requested ransom, the 2022 Cyberthreat Defense Report by the CyberEdge Group has shown. The research company says that possible explanations for the steady yearly rise of the percentage of organizations that decided to pay the ransom may include: the threat of exposing exfiltrated data, increased confidence for data recovery, and the fact that many organizations find that paying a ransom is significantly less costly than system downtime, customer disruption, and potential lawsuits.
Other key findings Of the respondents that said their organization paid a cyber ransom to regain access to data, applications, and/or systems after an attack, only 14% were able to recover all of their data. 87% of respondents who made ransom payments said that they experienced additional extortion attempts beyond the initial ransomware demand.
According to this year's report, 84% of responding organizations are experiencing a shortfall of skilled IT security personnel. A whopping 83% of responding organizations are experiencing growth in their security budgets, up from 78% last year.
A concerning number of ransomware victims have paid their attackers to retrieve their data or devices, according to CyberEdge Group's annual Cyberthreat Defense Report. The 2022 edition features a survey of 1,200 IT security professionals and found that a whopping 63% of those suffering from ransomware attacks last year ended up compensating the malicious parties responsible for the attacks.
The average ransom demand hit $2.2 million in 2021, a 144 percent rise from the year prior, according to Palo Alto Networks' Unit 42 consultants, while the average ransom payment grew 78 percent to $541,010. The security research and consulting team's latest ransomware report pulls data from cases handled by Unit 42 along with analysis of ransomware gangs' leak sites.