Ransomware attacks are on the rise. In a new survey by Sophos, two out of three organizations say they were hit in the past year.

Security provider Sophos questioned thousands of IT professionals worldwide. The State of Ransomware 2022 report sheds light on a growing problem. Ransomware persists. Two out of three organizations said they have been hit in the past year, a 78 percent increase from 2020.

Sophos suspects that the peak has yet to be reached. The organization argues that Russian ransomware groups will be able to attack relatively easily in the coming year. According to Sophos, Russian authorities are less willing and able to track down domestic ransomware groups due to the war in Ukraine.

Astonishing prices

65 percent of attacks resulted in data encryption, an 11 percent increase from 2020. The size of organizations had little to no influence. A recent study by Splunk shows that the average ransomware variant takes 43 minutes to encrypt 100,000 files.

In addition, Sophos reports that the average ransom has risen dramatically. In 2020, the average ransom amounted to 160,000 euros. In 2021, the average was an astounding 1.37 million euros. Only one percent of all ransoms totalled less than 10,000 dollars. One in ten victims paid more than a million dollars.

Some security experts strongly advise against paying ransoms. One frequently heard argument is that cybercriminals are unreliable. Organizations have no guarantee that ransomware groups decrypt data upon payment. The Sophos survey tells another story. Nearly 99 percent of all paying victims had a sizable chunk of their data returned.

Cybersecurity insurance

Investments in cybersecurity grow in parallel with ransomware. Almost half of the organizations work with an external Security Operations Centre (SOC). The conditions for cybersecurity insurance play a possible part in the increase. 83 percent of organizations are insured against damages caused by ransomware attacks. Half indicate that their organization has to meet increasingly strict requirements in order to qualify for insurance. Insurance agencies apply strict and complex conditions. Moreover, the number of agencies has decreased.
