Business, Security

Businesses are still paying up in ransomware attacks

Brendyn Lotz

25th April 2023

Fortinet has released its 2023 Global Ransomware Report this week.
The findings reveal that 50 percent of respondents fell prey to ransomware attacks in the last year.
Alarmingly, 75 percent of respondents paid the ransom in these attacks.

Encrypting data and holding decryption keys for ransom remains a lucrative business for cybercriminals according to Fortinet’s 2023 Global Ransomware Report.

The report is derived from a survey that was conducted among 569 cybersecurity leaders from 31 different locations around the world, including the United States, United Kingdom, France, India, South Africa, and Japan, among others.

The report contains a number of startling revelations including the fact that 50 percent of businesses surveyed fell prey to a ransomware attack in the last year. The good news is that companies are prepared with 78 percent of respondents stating they are very or extremely prepared to mitigate a cyberattack.

Worryingly, however, Fortinet found that three quarters of organisations have paid the ransom in ransomware attacks.

“When comparing across industries, organisations in the manufacturing sector received higher ransoms and were more likely to pay the fee. Specifically, one quarter of attacks among manufacturing organisations received a ransom of $1M or higher,” writes Fortinet.

What is rather worrying is that despite 88 percent of organisations having cyber insurance 40 percent didn’t receive as much cover as they expected. More alarming is that in some cases, claims were denied because of an exception for the insurer. This means that businesses need to be more thorough in their selection of an insurance policy.

One interesting revelation was as regards platform spread. Fortinet found that companies which use a smaller number of platforms for their operations were less likely to fall victim to a ransomware attack. Further to that, 99 percent of respondents view platforms as an essential tool in combating ransomware attacks.

However, one of the key reasons companies fall victim to these sorts of attacks are because of, people.

“According to the Fortinet research released today, though three out of four organisations detected ransomware attacks early, half still fell victim to them. These results demonstrate the urgency to move beyond simple detection to real-time response. However, this is only part of the solution as organisations cited the top challenges in preventing attacks were related to their people and processes. A holistic approach to cybersecurity that goes beyond investing in essential technologies and prioritises training is essential,” explains John Maddison, executive vice president of products at Fortinet.

One of the key areas of focus regarding security over the next year is using AI and machine learning to enable faster threat detection. This can also help prepare the people on the ground by amplifying their capabilities.

Of course, the crooks are using this tech as well so it will be interesting to see how the findings in this report evolve over the next year.

About Author

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.