The State of Security: Ransomware – Tripwire

Have you tried restoring from backups recently? In road safety we talk about primary and secondary safety measures. Primary: avoiding incidents; Secondary: minimising injuries. How are your primary and secondary safety measures when it comes to ransomware?…:

Sophos Labs recently released its annual global study, State of Ransomware 2022, which covers real-world ransomware experiences in 2021, their financial and operational impact on organizations, as well as the role of cyber insurance in cyber defense.

The report, which surveyed 5,600 IT professionals in mid-sized organizations across 31 countries, shows that ransomware attacks are increasing and becoming more sophisticated. In 2021, 66% of organizations were hit with ransomware, an increase of 29% compared to 2020.

Cybercriminals are finding more complex ways to launch ransomware attacks. An average of 57% of the companies surveyed reported an increase in the volume of attacks, and 59% said the complexity of attacks had increased. With the everything-as-a-service model, even those criminals without the skills and financing required to deploy a unique ransomware attack can use ready-made packages.

What’s worse is cybercriminals are becoming more successful at encrypting data in ransomware attacks. In 2021, data was encrypted in 65% of the attacks, an increase of 11% compared to the 54% success rate in 2020. However, extortion-only attacks saw a reduction from 7% to 4% — attacks where the attackers don’t encrypt data, but exfiltrate it and threaten to publicly publish it as the ransom method.

[…]

Original article