Ever since the global pandemic hit a little over a year ago, remote working has led to a sharp increase in cybercrime as those working from home are seen as easier targets. Interestingly, ransomware attacks appear to be decreasing in frequency, but the costs that companies incur in recovering from an attack have shot up significantly.
This is one of several findings from a recent report from cybersecurity firm Sophos, titled The State of Ransomware 2021.
The report, which draws on insight from 5 400 IT professionals in 30 countries, explains that the cost of recovery from a ransomware attack has more than doubled in the space of one year. More specifically, it has increased from $761 106 (~R11 million) in 2020 to $1.85 million (~R26.76 million) in 2021.
In the case of South Africa, the average cost of remediation from a ransomware attack was $447 097 (~R6.4 million).
Other key global findings include that the average ransom paid is $170 404 (~R2.4 million), with 8 percent of organisations able to get all of their data back and 29 percent getting no more than half back. Added to this is a higher likelihood that companies will acquiesce to demands, with 32 percent paying the ransom in 2021 compared to 25 percent in 2020.
As for the aforementioned decrease in the number of reported ransomware attacks, the figure shows a drop from 51 percent in 2020 to 37 percent in 2021.
“We’ve seen attackers move from larger scale, generic, automated attacks to more targeted attacks that include human hands-on-keyboard hacking. While the overall number of attacks is lower as a result, our experience shows that the potential for damage from these more advanced and complex targeted attacks is much higher. Such attacks are also harder to recover from, and we see this reflected in the survey in the doubling of overall remediation costs,” noted Chester Wisniewski, principal research scientist at Sophos, regarding the stat.
Sophos was also able to offer other insights for South Africa, based on feedback it received from local respondents:
- 24 percent of respondents from South Africa had experienced a ransomware attack in the last 12 months – the same as the year before.
- Fewer organisations had data encrypted as the result of a significant ransomware attack – 44 percent in 2021 compared to 56 percent in 2020.
- 42 percent of respondents from South Africa that weren’t hit by ransomware in the last 12 months, but expect to be hit in the future, believe that ransomware attacks are getting increasingly hard to stop due to their sophistication.
- 31 percent of respondents from South Africa that weren’t hit by ransomware in the last 12 months, but expect to be hit in the future, say it is hard to stop their users from compromising the organisation’s security.
This latest report from Sophos shows that, as remote working continues and employees working from home remain a potential point of entry for criminals, improved security should be top of mind alongside other digital transformation strategies, which have also been on the rise since the pandemic came into play.
“Recovering from a ransomware attack can take years and is about so much more than just decrypting and restoring data. It is more important than ever to protect against adversaries at the door, before they get a chance to take hold and unfold their increasingly multi-faceted attacks,” concludes Wisniewski.
You can read the full report from Sophos here.