Data encryption through ransomware methods is increasingly prevalent
In a worrying trend, a recent report has revealed that ransomware attacks have been on the rise, with data encryption becoming a dominant tactic used by threat actors. The report, released by Sophos, indicates that three out of four ransomware attacks last year involved data encryption, marking the highest rate in at least four years.
The report does not provide specific details about the countries or the number of organizations affected by these attacks. However, it is noteworthy that business and professional services organizations experienced data encryption in 92% of all ransomware attacks, according to the report.
The increased rate of data encryption during ransomware attacks suggests that threat actors are consistently using this defining characteristic in their attacks. Organizations in the IT, technology, and telecommunications sector, on the other hand, managed to prevent data encryption during half of all ransomware attacks, the lowest rate among all sectors last year.
The report also sheds light on the financial implications of these attacks. Global ransom payments from ransomware attacks exceeded $1 billion in 2023, indicating significant sums paid mostly by various companies and sectors to avoid larger damages. However, the report does not discuss the financial impact of these ransomware attacks on the affected organizations.
Nearly half of the organizations that had data encrypted during a ransomware attack paid the ransom to recover it, according to Sophos. It is important to note that specific organizations that paid the highest ransoms in the past year are not named in the available search results.
Threat actors stole data in almost one-third of ransomware attacks where data was encrypted. Scenarios where threat actors skip encryption and focus more on data theft and extortion still exist, but they are not as common as data encryption.
Organizations incurred costs related to downtime, devices, networks, and lost opportunities, apart from ransom payments. Forty-three percent of the respondents stated that their organization 'lost a lot of business/revenue' due to the attack. Despite variations in ransomware attack methods, locking up critical data remains the top action carried out by ransomware groups.
The report does not mention any new or emerging ransomware variants or techniques used by threat actors. This underscores the importance of robust cybersecurity measures and regular updates to protect against these threats. Nearly all organizations that had data encrypted during a ransomware attack ultimately recovered that data (97%).
Two-thirds of the 3,000 IT and cybersecurity leaders surveyed across 14 countries reported that their organizations were hit by a ransomware attack last year. As the threat of ransomware continues to grow, it is crucial for organizations to prioritise cybersecurity and data protection to minimise the impact of these attacks.
Read also:
- Global Content Dissemination Through Cross-Linguistic Voiceovers
- Development of Restaurant Apps: Expenses and Essential Elements
- Time is of the essence
- European transportation's sustainability and competitiveness rely on a "green industrial agreement" that serves the interests of both corporations and residents, as discussed in an Editorial from August 2024.
