Ransomware attacks surge, but victims are recovering quickly
Cymulate announced the results of a survey, revealing that despite the increase in the number of ransomware attacks this past year, overall victims suffered limited damage in both severity and duration.
Research taken from nearly 900 enterprise professionals across 14 sectors worldwide highlighted that the majority of respondents undertook proactive measures to prevent the attack before it could cause any significant damage, and the vast majority of those even before it could cause any serious downtime.
There was little difference in the size of organizations that ransomware targeted, affecting both large and small companies alike.
Key highlights
- More than half – whether previously hit by ransomware or not – don’t feel confident they can fend off a ransomware attack.
- 70% report increased awareness of ransomware threats at boardroom level and business management level.
- Frequency of attacks is the highest in APAC, followed by Latin America, Africa and North America.
- All companies, regardless of size have a 1-in-4 chance of being hit by ransomware.
- Prior victims of ransomware are allocating more security budget (64%) and headcount (58%) than organizations not previously attacked. Non victims however are still allocating more security budget (55%) and headcount (37%).
- Most companies are creating new or modified incident response plans with between 43% (victims) to 46% (non-victims).
- Poor password discipline is still a major attack vector.
- Traditional security procedures/purchases were added because of ransomware.
- 39% increased endpoint detection and response (EDR) and 34% increased multi-factor authentication (MFA) in non-victims and 30% increased EDR in victims.
- 82% of the respondents are adopting offensive cybersecurity solutions.
- 28% of organizations were hit by ransomware over the last few years:
- 23% of smaller business (between 1-1,000 employees) experienced a ransomware attack, 27% of mid-size (between 1,001-5,000) and 23% large enterprises (20,000+).
- Only 14% of respondents that experienced an attack were down for a week or more.
- 19% of the respondents experienced major damages and interruption to business or production and 26% reported that damages were relegated to a few systems.
“This latest survey is critical in helping us understand that while we may be experiencing increased anxiety from the rise in ransomware, we have also learned lessons and are able to both prevent attacks and recover far quicker than before,” said Eyal Wachsman, CEO of Cymulate.
“Organizations still need to remain vigilant as ransomware continues to strike every sector and every size organization. Security teams need to ensure current controls are effective and conduct basic cyber hygiene to prevent further damage.”