Skip to main content
close search
site logo
Dive Brief

It’s becoming more common for ransomware to lock up data

Published May 10, 2023
Matt Kapko's headshot
Senior Reporter
Ransomware virus has encrypted data. Attacker is offering key to unlock encrypted data for money.
Attacker offers victim a key to unlock encrypted data for a ransom. vchal via Getty Images

Dive Brief:

  • Threat actors encrypted data in three in four ransomware attacks last year, the highest rate of data encryption linked to ransomware in at least four years, according to research Sophos released Wednesday.
  • Of the 3,000 IT and cybersecurity leaders surveyed across 14 countries, two-thirds of respondents said their organizations were hit by a ransomware attack last year, a repeat of 2022’s figures.
  • Organizations in the IT, technology and telecommunications sector prevented or otherwise avoided data encryption during half of all ransomware attacks, the lowest rate of any sector during the last year. Business and professional services organizations experienced data encryption in 92% of all ransomware attacks, the report found.

Dive Insight:

The increased rate of data encryption during ransomware attacks indicates threat actors are sticking to a defining characteristic while executing ransomware.

Despite some variance in ransomware attack methods — scenarios when threat actors skip encryption and lean more heavily on data theft and extortion — locking up critical data remains the top act carried out by ransomware groups.

The rate of data encryption involved in ransomware attacks is worryingly high, Chester Wisniewski, field CTO for applied research at Sophos, said via email.

“This means that defenders are only able to stop an attack in progress about 1 in 4 times,” Wisniewski said.

When threat actors encrypted data during a ransomware attack last year, they also stole data in almost one-third of incidents, according to Sophos.

Nearly all, or 97%, of organizations that had data encrypted during a ransomware attack ultimately recovered that data. Nearly half of those organizations paid the ransom to recover data, according to Sophos.

In addition to ransom payments organizations incurred costs related to downtime, devices, networks and lost opportunities. Excluding ransoms, organizations reported a mean ransomware recovery cost of $1.8 million during the last year, and 43% of respondents said their organization “lost a lot of business/revenue” as a result of the attack.

Filed Under: Cyberattacks

Editors' picks

Company Announcements

View all | Post a press release
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell