79% of Malaysian organisations surveyed were attacked with ransomware in 2021, which is significantly higher than the global average of 66%, according to Sophos’ annual State of Ransomware 2022 survey. Further, 46% of organisations that had data encrypted in a ransomware attack paid the ransom. 26% of organisations that were able to restore encrypted data using backups in 2021 also paid the ransom.
The ransomware industry is getting bigger and is targeting businesses, which in turn hits the economy and is a cause of concern worldwide. According to the Sophos survey, the main reasons for the increase in ransomware attacks are that deployment is easy and that attackers can earn a lot of money.
The average cost of recovering from the most recent ransomware attack in 2021 was US $1.4 million. It took, on average, one month to recover from the damage and disruption. 90% of organisations said the attack had impacted their ability to operate, and 86% of private sector victims said they had lost business and/or revenue because of the attack.
Cyber Insurance against cybersecurity threats and ransom payments
To reduce the risk posed by attackers’ greed for higher ransom payments, the cyber insurance market is growing, as insurers increasingly seek to reduce their ransomware risk and exposure.
Sophos research finds that cyber insurance, which covers the ransom, is the go-to solution for many organisations.
83% of mid-sized organisations have cyber insurance that covers them in the event of a ransomware attack. In 98% of incidents, the insurer paid some or all of the costs incurred (with 40% overall covering the ransom payment).
Another survey, by Check Point, says that ransomware numbers increased in the first quarter of 2022. Check Point's research gave the following data:
• Globally, the weekly average of impacted organizations is 1 out of 53 – a 24% increase YoY (1 out of 66 organizations in Q1 2021)
• In APAC, the weekly average of impacted organizations is 1 out of 44 – a 37% increase YoY (1 out of 60 organizations in Q1 2021)
• In Asia, the weekly average of impacted organizations is 1 out of 24 – a 54% increase YoY (1 out of 37 organizations in Q1 2021)
Check Point Research (CPR) analysed two data sets to get new insights into the ransomware economy, estimating that the collateral cost of ransomware for victims is 7 times more than ransom paid.
- The first data set gave details on cyber events and their financial impact.
- The second data set was the Conti group leaks. CPR’s research aimed to explore both sides of a ransomware attack: victims and cybercriminals.
The Collateral Damage
The collateral cost and damage were huge compared to the ransom paid, which is a small component of the cost of a ransomware attack to the victim. The collateral cost consists of response and restoration costs, legal fees and monitoring costs.
The research outlined how the ransom demand depends on the annual revenue of the victim and ranges between 0.7% and 5% of the annual revenue. The higher the annual revenue of the victim, the lower the percentage of the revenue that will be demanded, as that percentage represents a higher value in dollars.
Ransomware groups have clear ground rules for successful negotiation with victims, influencing the negotiation process and dynamics. They had an accurate estimation of the victim’s financial posture and of whether the organization has any prior cyber insurance.
Sergey Shykevich, Threat Intelligence Group Manager at Check Point Software, said, ‘The key learning is that the paid ransom is not a key number in the ransomware ecosystem. Both cybercriminals and victims have many other financial aspects and considerations around the attack. It’s remarkable just how systematic these cybercriminals are in defining the ransom number and in the negotiation.
Nothing is casual and everything is defined and planned according to factors that we’ve described. Noteworthy is the fact that for victims, the ‘collateral cost’ of ransomware is 7 times more than the ransom they pay’.
Check Point Research (CPR) underlines tips to protect against ransomware
1. Robust Data Backup. A robust, secure data backup solution is an effective way to mitigate the impact of a ransomware attack.
2. Cyber Awareness Training. Phishing emails are one of the most popular ways to spread ransom malware. Frequent cyber security awareness training is crucial to protecting the organization against ransomware.
3. Strong, Secure User Authentication. Enforcing a strong password policy, requiring the use of multi-factor authentication, and educating employees about phishing attacks designed to steal login credentials are all critical components of an organization’s cybersecurity strategy.
4. Up-to-Date Patches. Keeping computers up-to-date and applying security patches can help to limit an organization’s vulnerability to ransomware attacks.