Which companies and organizations are most likely to be the victim of ransomware attacks? This and other questions were investigated by cybersecurity specialist Sophos. […]
A ransomware attack is a burden on organizations that should not be underestimated: data encryption, ransom demands, restoring data from backups, rebuilding systems and continuing operations, at least the most important processes. In addition, the cybercriminals are increasingly relying on a new tactic: Previously “ransom against data decryption”, it is now called: Pay ransom, otherwise data publication. These so-called extortion attacks are a far stronger horror scenario: The attackers have less effort and exorbitantly increase their demands, because they also know: Organizations face high fines if the data leak is concealed.
Swiss companies affected above average
In a recent study, cybersecurity specialist Sophos analyzed who is at risk when it comes to ransomware and presented the results in the report “The State of Ransomware 2021”. For the study, 5,400 IT decision-makers from companies and organizations worldwide were interviewed, including 100 from Switzerland.
It turns out that Helvetic companies and organizations are affected by ransomware above average. When asked whether they had already been the victim of a ransomware attack, 46 percent of Swiss IT managers answered “yes”. Worldwide, “only” 37 percent answered this question in the affirmative. A real ransomware plague, however, prevails in India. Here, 68 percent of respondents were affected by an attack with extortion software.
Education and government popular with ransomware attackers
Becoming a victim of a ransomware attack is also a question of the industry: In addition to manufacturers, service providers and retailers, 44 percent of organizations in the education sector are particularly affected. Authorities and state institutions are in third place (40 percent). Distribution and transport, as well as media, leisure, entertainment were the least victims.
This is matched by the information from the industries on the extent to which they were able to stop the encryption of their data in the event of a ransomware attack: The most successful in the defense are companies in the sales and transport sector (48 percent), followed by media, leisure and entertainment (47 percent).Even local authorities are often the target of ransomware. Here, the global average is 34 percent. One reason is the relatively high willingness to pay: While worldwide willingness to pay ransom is 32 percent, authorities are 42 percent the second most willing to pay. Only energy, oil & amp; gas and utilities are still more likely to pay at 43 percent. According to the report, this willingness of the authorities may also be due to the fact that they are most likely to be affected by data encryption.
Good backup strategy prevents ransom payment
The study also shows this: it seems that there is a connection between a company’s ability to restore data with the help of backups and its willingness to comply with ransom demands. Manufacturing and manufacturing companies are the least likely to pay a ransom while being the most likely to restore data using backups (68 percent). In the construction and real estate sector as well as with financial service providers, ransom payments also take place below average. Both of them manage to recover their data from backups more often than average.
Authorities are aware of their vulnerabilities
How serious is the ransomware threat? The Sophos investigation is also investigating this question. According to this, the authorities and companies in the education sector in particular are aware of weaknesses with regard to fast recovery of the data (in first place with 30 percent). Globally, 22 percent say they expect to become victims of ransomware because of their weakened or patchy cybersecurity. A good approach to arm yourself against ransomware attacks is a recovery plan. After all, 90 percent of the companies surveyed own this.