Cybereason: 80{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5} of orgs that paid the ransom have been hit once more

Ransomware assaults are on the rise globally as cybercriminals undertake extra refined ways, and injury losses are projected to achieve $20 billion worldwide this yr. The Federal Bureau of Investigation reported a 225{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5} improve in whole losses from ransomware in america in 2020. Estimates recommend companies are underneath assault each 11 seconds, on common. Towards this backdrop, the Cybereason International Ransomware Examine measured how a lot monetary and reputational injury these assaults wreak on companies.

Coping with the aftermath of a ransomware assault could be difficult and expensive. The overwhelming majority of organizations skilled important enterprise affect resulting from ransomware assaults, together with lack of income (66{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), injury to the group’s model (53{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), unplanned workforce reductions (29{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), and even closure of the enterprise altogether (25{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}).

After a corporation skilled a ransomware assault, the highest 5 options applied included safety consciousness coaching (48{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), safety operations (SOC) (48{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), endpoint safety (44{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), knowledge backup and restoration (43{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), and e-mail scanning (41{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}). The least deployed options post-attack included net scanning (40{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), endpoint detection and response (EDR) and prolonged detection and response (XDR) applied sciences (38{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), antivirus software program (38{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), cellular and SMS safety options (36{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}), and managed safety companies supplier (MSSP) or managed detection and response (MDR) supplier (34{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}). Solely 3{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5} of respondents stated they didn’t make any new safety investments after a ransomware assault.

Cybereason’s examine discovered that almost all of organizations that selected to pay ransom calls for prior to now weren’t resistant to subsequent ransomware assaults, usually by the identical risk actors. The truth is, 80{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5} of organizations that paid the ransom have been hit by a second assault, and nearly half have been hit by the identical risk group.

This examine affords perception into the enterprise affect of ransomware assaults throughout key business verticals and divulges knowledge that may be leveraged to enhance ransomware defenses. For instance, after a corporation skilled a ransomware assault, the highest two options applied included safety consciousness coaching (48{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}) and safety operations (48{69439eabc38bbe67fb47fc503d1b0f790fcef507f9cafca8a4ef4fbfe163a7c5}). This analysis underscores that prevention is the most effective technique for managing ransomware danger and guaranteeing your group doesn’t fall sufferer to a ransomware assault within the first place.

1,263 cybersecurity professionals took half within the examine commissioned by Cybereason and fielded by Censuswide, with individuals in various industries from america, United Kingdom, Spain, Germany, France, United Arab Emirates, and Singapore.

Learn the total Cybereason International Ransomware Examine.