Ransomware attacks are getting much better at encrypting data
Paying for a decryptor isn’t the easy way out, Sophos says
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Ransomware operators are getting better at encrypting data during attacks, causing extra headaches for the IT teams trying to parry the attack, a new report has claimed.
The Sophos state ofransomware2023 report, based on a vendor-agnostic survey of 3,000 cybersecurity and IT leaders,found in three-quarters (76%) of ransomware attacks, threat actors managed to encrypt the data - the highest percentage since Sophos started tracking the metric three years ago.
High recovery costs for those that pay
The report also gives another reason why businesses should refrain from paying the ransom. Those that did doubled their recovery costs - $750,000, versus $375,000 for those that merely used their backups. Furthermore, it takes longer to recover the files with the decryptor. Almost half (45%) of organizations using backups recovered within a week, compared to two in five (39%) of those that paid up.
Sophos also warns that despite other reports out there stating otherwise, the number of ransomware attacks isn’t dwindling - it’s plateauing. This year, 66% of surveyed firms reported being attacked by ransomware, the same as last year.
Hitachi Energy confirms data breach after being hit by Clop ransomware>Hatch Bank says 140,000 customers had data stolen after breach>Here’s our rundown of the best firewalls
“Rates of encryption have returned to very high levels after a temporary dip during the pandemic, which is certainly concerning. Ransomware crews have been refining their methodologies of attack and accelerating their attacks to reduce the time for defenders to disrupt their schemes," said Chester Wisniewski, field CTO, Sophos.
“Incident costs rise significantly when ransoms are paid. Most victims will not be able to recover all their files by simply buying the encryption keys; they must rebuild and recover from backups as well. Paying ransoms not only enriches criminals, but it also slows incident response and adds cost to an already devastatingly expensive situation,” said Wisniewski.
Sophos’ report also claims that system vulnerabilities are most commonly used to launch ransomware attacks (36%), and not compromised credentials (29%), showing the importance of keeping software and hardware updated.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
Nokia confirms data breach leaked third-party code, but its data is safe
Rising AI threats are making firms turn back to human intelligence
Black Friday is here: Sony XM5 over-ears drop to their lowest-seen price – act fast!
