A Ponemon Institute study highlights the alarming impact of ransomware attacks, revealing that 58% of organisations have been forced to halt operations due to such incidents. This marks a significant increase from 45% in 2021, underscoring the escalating threat that ransomware poses to businesses globally.
The findings from the Illumio-commissioned report, The Global Cost of Ransomware Study, indicate a troubling trend: 40% of companies reported substantial revenue losses, up from 22% in the previous year. Additionally, 41% lost customers, and 40% were compelled to eliminate jobs. The research paints a stark picture of how ransomware not only disrupts operations but also inflicts severe financial damage.
Trevor Dearing, director of Critical Infrastructure at Illumio, emphasised the urgent need for organisations to bolster their defences: “Ransomware is more pervasive and impactful than ever, with more organisations forced to suspend operations or experience major business failure because of attacks.” He advocates for operational resilience and the implementation of controls like microsegmentation to protect critical systems from attackers.
The study also reveals that ransomware attackers are increasingly targeting critical systems, with 25% of such systems impacted and downtime averaging 12 hours. While organisations invest considerable time and resources into containment—averaging 132 hours and 17.5 personnel per attack—the effectiveness of these measures is questionable.
Notably, the costs associated with reputational damage now surpass those related to legal and regulatory actions, with 35% of organisations reporting significant brand harm from attacks, up from 21% in 2021. Alarmingly, 44% of organisations lack the capability to quickly identify and contain attacks, and only 27% have implemented microsegmentation, a crucial strategy for preventing the spread of breaches.
Cloud and hybrid environments are viewed as particularly vulnerable, with 35% of organisations citing a lack of visibility as a major hurdle in responding to ransomware. Desktops and laptops remain the most compromised devices, with phishing and Remote Desktop Protocol (RDP) as the primary entry points for attacks. In over half of the cases, attackers took advantage of unpatched systems to escalate privileges, a significant rise from 33% in 2021.
Despite nearly a third of IT budgets (29%) being allocated to ransomware defence, 88% of organisations have still fallen victim to attacks. Interestingly, while 52% of respondents believe that having a full backup is adequate protection, only 13% successfully recovered all impacted data post-attack.
The report highlights a broader issue of organisational challenges in ransomware defence. A staggering 72% of organisations did not report attacks to law enforcement, citing fears of publicity and retaliation as major deterrents. Furthermore, while employees are becoming more security conscious, insider negligence remains a critical challenge.
As ransomware threats continue to evolve, organisations must prioritise robust security measures and operational resilience to safeguard against these devastating attacks.