Ransomware continues to dominate the threat landscape in 2022. Organizations are under siege from a wide variety of threats, but ransomware offers threat actors a unique combination of very low risk with very high reward—which is why the volume of ransomware attacks nearly doubled from the previous year, and the total cost of ransomware was estimated to exceed $20 billion.
Ransomware began as little more than a new type of malware exploit with a different payload—generating revenue by extorting payment from victims—but it has evolved into a complex business model. The malware payload is just one element of the much larger ransomware operation, or RansomOp, that make today’s attacks far more sophisticated and insidious.
The report, titled Ransomware: The True Cost to Business Study 2022, tapped the experiences of more than 1,400 global cybersecurity professionals and revealed that 73% of organizations suffered at least one ransomware attack in 2022, compared with just 55% in the 2021 study.
The study also once again finds that ‘it doesn’t pay-to-pay’ a ransom demand, as 80% of organizations that paid were hit by ransomware a second time, with 68% saying the second attack came less than a month later and threat actors demanded a higher ransom amount.
Other key findings in the research include:
Given the ongoing threat that these attacks pose to organizations, this second annual study examines how ransomware continues to impact the business, the outcomes organizations are reporting after having been the target of a ransomware attack, and the strategies companies large and small are implementing to better prepare for an attack.
The best defense against ransomware attacks is to ensure your data is not stolen or encrypted in the first place through effective prevention, detection and response. It is our hope that your organizations will find this report insightful and that it will serve to inform your organization’s strategies to remain undefeated by ransomware.
The full report can be found here: Ransomware: The True Cost to Business Study 2022. See also our recent report Ransomware: Inside Complex RansomOps and the Ransomware Economy for a deep-dive into modern ransomware operations.
Cybereason is dedicated to teaming with defenders to end ransomware attacks on the endpoint, across enterprise, to everywhere the battle is taking place. Learn more about predictive ransomware defense here or schedule a demo today to learn how your organization can benefit from an operation-centric approach to security.