HUGE PAY OFFS

Hackers now demanding more as average sum hits Sh264m

The average ransom payment came in at 94 per cent of the initial ransom demand.

In Summary

• According to the report, 46 per cent of organisations with revenue of less than $50 million (Sh6.6 billion) received a seven-figure ransom demand in the last year.

• The 2024 report also found that 63 per cent of ransom demands were for $1 million or more, with 30 per cent of demands for over $5 million, suggesting ransomware operators are seeking huge payoffs.

Avoid using the same password for multiple accounts, as a breach on one site could compromise all your others.
Image: FILE

The amount organisations are paying to get back their data from cyber criminals has increased by 500 per cent in the past year, a new report has revealed.

The report, titled “State of Ransomware 2024”, shows that organisations paid an average of $2 million (Sh264.3 million) in ransom to hackers, up from $400,000 (about Sh53 million) in 2023, with ransoms being just one part of the cost.

Excluding ransoms, the survey found the average cost of recovery reached $2.73 million (Sh36.7 million), an increase of almost $1 million (Sh132 million) since the $1.82 million (Sh240.5 million) that Sophos reported in 2023.

Despite the soaring ransoms, this year’s survey indicates a slight reduction in the rate of ransomware attacks, with 59 per cent of organisations being hit, compared with 66 per cent in 2023.

While the propensity to be hit by ransomware increases with revenue, even the smallest organisations that report less than $10 million (Sh1.3 billion) in revenue are still regularly targeted.

The report that covered Europe, the Middle East and Africa, shows that in this category, 47 per cent were hit by ransomware in the last year.

The 2024 report also found that 63 per cent of ransom demands were for $1 million or more, with 30 per cent of demands for over $5 million, suggesting ransomware operators are seeking huge payoffs.

Sophos field chief technology officer John Shier says organisations should not become complacent because of the slight dip in attack rates.

“Ransomware attacks are still the most dominant threat today and are fueling the cybercrime economy. Without ransomware we would not see the same variety and volume of precursor threats and services that feed into these attacks,” said Shier.

Unfortunately, these increased ransom amounts are not just for the highest-revenue organisations surveyed.

According to the report, 46 per cent of organisations with revenue of less than $50 million (Sh6.6 billion) received a seven-figure ransom demand in the last year.

Shier says that the skyrocketing costs of ransomware attacks belie the fact that this is an equal-opportunity crime.

The ransomware landscape offers something for every cybercriminal, regardless of skill.

He points out that while some groups are focused on multi-million-dollar ransoms, others settle for lower sums by making it up in volume.

For the second year running, exploited vulnerabilities were the most commonly identified root cause of an attack, impacting 32 per cent of organisations.

This was closely followed by compromised credentials (29 per cent) and malicious email (23 per cent).

This is directly in line with recent, in-the-field incident response findings from Sophos’ most recent Active Adversary report.

Victims whose attack started with exploited vulnerabilities reported the most severe impact to their organisation, with a higher rate of backup compromise (75 per cent), data encryption (67 per cent) and propensity to pay the ransom (71 per cent) than when attacks started with compromised credentials.

The report backs findings by International Data Corporation (IDC), which projected that increasing online threats to businesses across the EMEA region will see companies and governments increase their cyber security spending to more than $6.2 billion (Sh819 billion) in 2024.

According to the IDC report, the financial services and government sectors will be the MEA region’s biggest spenders on security products and services in 2024, together accounting for nearly a third of the market’s value.

They will remain the largest security spenders through 2027.

Companies Sophos surveyed whose attacks began with compromised credentials were hit harder financially and operationally.

On average, it cost them $3.58 million (Sh473 million) to recover, compared with $2.58 million (Sh340.9 million) for other attacks, and more of these companies took over a month to bounce back.

Other key findings in the report show that 24 per cent of those who pay the ransom hand over the amount originally requested, and 44 per cent of respondents reported paying less than the original demand.

The average ransom payment came in at 94 per cent of the initial ransom demand.

In more than 82 per cent of cases, funding for the ransom came from multiple sources.

Overall, 40 per cent of total ransom funding came from the organisations themselves and 23 per cent from insurance providers.
