Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Ransomware attacks are getting much better at encrypting data

ransomware avast

Ransomware operators are getting better at encrypting data during attacks, causing extra headaches for the IT teams trying to parry the attack, a new report has claimed. 

The Sophos state of ransomware 2023 report, based on a vendor-agnostic survey of 3,000 cybersecurity and IT leaders,found in three-quarters (76%) of ransomware attacks, threat actors managed to encrypt the data - the highest percentage since Sophos started tracking the metric three years ago.

High recovery costs for those that pay

The report also gives another reason why businesses should refrain from paying the ransom. Those that did doubled their recovery costs - $750,000, versus $375,000 for those that merely used their backups. Furthermore, it takes longer to recover the files with the decryptor. Almost half (45%) of organizations using backups recovered within a week, compared to two in five (39%) of those that paid up. 

Sophos also warns that despite other reports out there stating otherwise, the number of ransomware attacks isn’t dwindling - it’s plateauing. This year, 66% of surveyed firms reported being attacked by ransomware, the same as last year. 

“Rates of encryption have returned to very high levels after a temporary dip during the pandemic, which is certainly concerning. Ransomware crews have been refining their methodologies of attack and accelerating their attacks to reduce the time for defenders to disrupt their schemes," said Chester Wisniewski, field CTO, Sophos.

“Incident costs rise significantly when ransoms are paid. Most victims will not be able to recover all their files by simply buying the encryption keys; they must rebuild and recover from backups as well. Paying ransoms not only enriches criminals, but it also slows incident response and adds cost to an already devastatingly expensive situation,” said Wisniewski.

Sophos’ report also claims that system vulnerabilities are most commonly used to launch ransomware attacks (36%), and not compromised credentials (29%), showing the importance of keeping software and hardware updated.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.