The ransomware crisis deepens, while data recovery stalls

When it comes to ransomware, more companies are seeing attacks and have had data encrypted, according to research out this week. And even though more companies are backing up or paying ransom demands, less data was recovered in 2021 compared with the previous year.

For instance, in its “State of Ransomware 2022” report, cybersecurity firm Sophos found that 66% of surveyed companies had encountered ransomware in 2021, with two-thirds of those firms — or 43% overall — suffering from an actual attack that encrypted data. In its previous report covering 2020, the frequency of successful attacks was much smaller, with about 20% overall resulting in encryption.

The deteriorating cyberthreat landscape is largely due to the evolution of ransomware groups and their techniques, says Sean Gallagher, senior threat researcher with Sophos.

“Over the past couple of years, there has been a massive transition from ransomware to ransomware-as-a-service,” he says. “There are very well-established [groups] that are doing these attacks, and as a result, the number of attacks companies are seeing has gone up.”

Ransomware continues to plague companies with business-disrupting attacks and defy efforts by cybersecurity experts to rein in the operators behind the criminals campaigns. Not only did the portion of companies affected by ransomware more than double last year, but the mean ransomware payment more than quadrupled to $812,000, according to the Sophos report.

Companies in the energy and manufacturing sectors each saw average ransoms of more than $2 million.

The research team at Check Point Software Technologies saw an increase in ransomware attacks as well, noting that attempted attacks climbed 24% in 2021 compared with 2020. In an analysis of chat logs leaked from the Conti ransomware group, Check Point Research noted that the operators discussed how to set ransoms in some detail, but also stressed that ransoms often are not the most significant cost to businesses.

“[T]he extortion cost is marginal compared to other losses suffered by the victim,” the researchers stated. “Most other losses, including response and restoration costs, legal fees, monitoring costs, etc., are applied whether the extortion demand was paid or not.”

To read the complete article, visit Dark Reading.