Sophos has announced the findings of its global survey, The State of Ransomware 2020, which reveals that paying cybercriminals to restore data encrypted during a ransomware attack is not an easy and inexpensive path to recovery. In fact, the total cost of recovery almost doubles when organizations pay a ransom. The survey polled 5,000 IT decision makers in organizations in 26 countries across six continents, including Europe, the Americas, Asia-Pacific and central Asia, the Middle East, and Africa.
More than 80% of Indian organizations had experienced a significant ransomware attack in the previous 12 months, compared to 67% in 2017. Data was encrypted in 91% of attacks that successfully breached an organization in India. The average cost of addressing the impact of such an attack in India, including business downtime, lost orders, operational costs, and more, was ₹80,270,000. Two out of three (66%) organizations hit by ransomware in India admitted paying the ransom.
Nearly 30% of the IT managers surveyed in India were able to recover their data from backups without paying the ransom.. Every organization in India that paid the ransom got their data back, although this was not always the case elsewhere. Globally, nearly 5% of public sector organizations paid the ransom but didn’t get their data back. In fact, 13% of the public sector organizations surveyed never managed to restore their encrypted data, compared to 6% overall.
However, contrary to popular belief, the public sector was least affected by ransomware globally, with just 45% of the organizations surveyed in this category saying they were hit by a significant attack in the previous year. At a global level, media, leisure and entertainment businesses in the private sector were most affected by ransomware, with 60% of respondents reporting attacks.
Attackers increase pressure to pay
SophosLabs researchers have published a new report, Maze Ransomware: Extorting Victims for 1 Year and Counting, which looks at the tools, techniques and procedures used by this advanced threat that combines data encryption with information theft and the threat of exposure. This approach, which Sophos researchers have also observed being adopted by other ransomware families, like LockBit, is designed to increase pressure on the victim to pay the ransom. The new Sophos report will help security professionals better understand and anticipate the evolving behaviors of ransomware attackers and protect their organizations.
The State of Ransomware 2020 survey was conducted by Vanson Bourne, an independent specialist in market research, in January and February 2020. The survey interviewed 5,000 IT decision makers in 26 countries, in the US, Canada, Brazil, Colombia, Mexico, France, Germany, the UK, Italy, the Netherlands, Belgium, Spain, Sweden, Poland, the Czech Republic, Turkey, India, Nigeria, South Africa, Australia, China, Japan, Singapore, Malaysia, Philippines and UAE. All respondents were from organizations with between 100 and 5,000 employees.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.