The vast majority of ransomware victims end up paying their attackers to have their data unlocked, according to a new report from cybersecurity software provider ThycoticCentrify.
The report, “2021 State of Ransomware Survey and Report: Preventing and Mitigating the Skyrocketing Costs and Impacts of Ransomware Attacks,” based on survey responses from 300 US-based IT professionals, found that an alarming 83% of ransomware victims have succumbed to their attackers’ requests.
In addition to the alarming data on the number of victims who feel they have no choice but to pay the ransom, the report also found that nearly two-thirds of companies admitted to being victims of a ransomware attack in the past 12 months.
According to the company’s report, the United States has seen an increase in ransomware attacks of nearly 200%, with the average ransom demand now eclipsing $100,000, ten times more than last year.
The report details what we already know: Cybercriminals and ransomware gangs are constantly evolving and becoming more sophisticated as attack surfaces increase and hacking tools become more widely available.
“Payments have become so lucrative that ransomware developers have emerged to sell or establish an affiliate program for their tools and expertise, offering Ransomware-as-a-Service (RaaS),” the report states. “The ransomware could evolve into a subscription model where you pay criminal gangs not to target you.”
According to the ThycoticCentrify report, 72% of organizations increased their cybersecurity budgets after a ransomware attack, which is by far the most common action taken by ransomware victims.
These budgets were increased largely to protect against ransomware, as 93% of respondents said they allocated funds in their annual security budget specifically to protect against ransomware.
Companies spend these funds primarily on network security (49%) and cloud security (41%), but fewer invest in identity access management (24%), endpoint security (23%) and privileged access management (19%).
“Businesses may not realize, or underestimate, how important these are to preventing, mitigating or disrupting ransomware attacks,” ThycoticCentrify said in the report.
The company notes the need to go beyond traditional security measures such as antivirus programs to reduce the threat of ransomware, and these more modern approaches include network segmentation, privileged access management, threat detection and adopting a zero trust network architecture to limit what end users can access.
In addition to investing in privileged access management and adopting least privilege access policies, the report also urged IT administrators to create incident response plans to contain and limit damage.
The more successful the ransomware attacks, the more victims will end up paying these ransoms, which continues to fund the ransomware industry.
“As businesses increase their spending on cybersecurity solutions to avoid becoming victims of ransomware, it is essential that they protect all users as if they were privileged users,” the company said. “By protecting privileged access with PAM solutions to reduce or eliminate attacker wait time, as well as implementing a robust incident response plan, organizations can minimize the risk of what appears to be a threat that will only increase for the foreseeable future.”