advertisement
Facebook Instagram Linkedin Youtube Spotify
Search
Close this search box.
Facebook
X
LinkedIn
WhatsApp
Reddit

Against the advice of pros more companies than ever are paying ransoms

  • Sophos notes a 500 percent increase in the number of ransoms paid by organisations in its 2024 State of Ransomware report.
  • As many as 87 percent of cyber insurance providers contributed to ransom payments.
  • The mean ransom demanded by cybercriminals in South Africa is $975 675.

Among the major findings in the Sophos State of Ransomware 2024 report is that ransom payment – where a company coughs up the fee charged by cybercriminals – has increased 500 percent. This is an alarming trend and while it may be quick to blame organisations for paying the ransom, there is likely a good reason for it.

That reason is that companies may have no choice but to pay given that 97 percent of ransomware attacks in South Africa, tried to compromise backups as well. Yes not only do companies need to worry about their live data, they need to worry about the backups of that data as well.

Ransomware is still a major threat for businesses with 69 percent of the 330 local companies surveyed saying such an attack hit them in the last year. While this is a decrease from the 2023 survey, it’s not all good news.

“We must not let the slight dip in attack rates give us a sense of complacency,” explains field chief technology officer at Sophos, John Shier.

“Ransomware attacks are still the most dominant threat today and are fueling the cybercrime economy. Without ransomware we would not see the same variety and volume of precursor threats and services that feed into these attacks. The skyrocketing costs of ransomware attacks belie the fact that this is an equal opportunity crime. The ransomware landscape offers something for every cybercriminal, regardless of skill. While some groups are focused on multi-million-dollar ransoms, there are others that settle for lower sums by making it up in volume.”

The good news is that 43 percent of local companies that were struck by ransomware paid the ransom, much less than the global average of 56 percent. However, the fact that these criminals are getting paid is seemingly enough to inspire them to continue their work.

What we found most alarming is that companies providing cyber insurance contribute to the ransom demands of cybercriminals. This was true for 87 percent of the incidents in South Africa, which is problematic.

The mean ransom demanded by cybercriminals in South Africa is $975 675 despite the mean payment being slightly lower at $958 100. Sophos tells us that cybercriminals are well aware of how much they can demand from local businesses. Given that these ne’er-do-wells have complete access to a company, they know how much to charge and how much they can negotiate for when it comes to payment.

Sophos also asked how long it took for respondents to recover from an attack and the bad news is that South Africans are getting slower. Only 41 percent of those targeted in an attack recovered in a week, down from 53 percent in 2023 while 26 percent took between one and six months, an increase from 19 percent in 2023.

“The two most common root causes of ransomware attacks, exploited vulnerabilities and compromised credentials, are preventable, yet still plague too many organisations. Businesses need to critically assess their levels of exposure to these root causes and address them immediately. In a defensive environment where resources are scarce, it’s time organizations impose costs on the attackers, as well. Only by raising the bar on what’s required to breach networks can organizations hope to maximize their defensive spend,” adds Shier.

Ransomware continues to plague businesses of all sizes from large to small enterprises and the damage can be monumental. Sophos advises businesses take the following advise to guard against attacks:

  • Prevention – The best ransomware attack is the one that didn’t happen because the adversaries couldn’t get into your organization.
  • Protection – Strong foundational security is a must. Endpoints (including servers) are the primary destination for ransomware actors, so ensure that they are well-defended, including dedicated antiransomware protection to stop and roll back malicious encryption.
  • Detection and response – The sooner you stop an attack, the better. Detecting and neutralizing an adversary inside your environment before they can compromise your backups or encrypt your data will considerably improve your outcomes.
  • Planning and preparation – Having an incident response plan that you are well versed in deploying will greatly improve your outcomes if the worst happens and you experience a major attack.

You can find highlights from the report in the PDF embedded below.

sophos-state-of-ransomware-2024-zaDownload
advertisement

About Author

More
Brendyn Lotz

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.
advertisement

Related News

Regenesys Business School addresses rumours about accreditation status

Temu issues response to EU complaint

Two new LEGO space sets now available in South Africa (and one free one)

Get a braai from Checkers Hyper delivered in an hour

GTA VI to launch in Fall (our Spring) next year

Fujifilm’s new X-T50 and GFX100S II land locally next month

advertisement
Facebook Instagram Linkedin Youtube Spotify
Hypertext is one of South Africa’s leading technology news and reviews sites. We publish original content daily for consumers and businesses.
All original words & media by Hypertext by htxt.media are licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. Permissions beyond the scope of this license may be available at Hypertext. Where images and material are supplied by rights holders outside of htxt.media, original publishing licences are indicated and unaffected.
Click here to suggest a story.
Click here for advertising.
© 2024. All rights reserved by HTXT.