Share this article on:
Breaking news and updates daily. Subscribe to our Newsletter
Retailers hit a three-year low when it comes to fighting ransomware.
In 2023, only 26 per cent of Australian retailers were able to stop a ransomware attack before their data was encrypted.
This is a year-on-year decrease from 2022’s figure of 28 per cent, which was itself less than 2021. In 2021, 34 per cent of retailers were successful in disrupting ransomware operations before losing access to their data.
The new numbers come from Sophos’ latest The State of Ransomware in Retail 2023 report, which polled 3,000 cyber security experts, with 350 from the retail sector, from Europe and the Middle East, the Americas, and the Asia-Pacific region.
On top of the rising rate of successful attacks, the report also found that, on average, the recovery costs of companies that pay a ransom are significantly higher. Outside of the ransom payment itself, companies that pay criminals spend $3 million recovering their data, compared to $750,000 for those who rely on backups.
Encryption rates are also on the rise. Seventy-one per cent of organisations hit by ransomware end up with their data encrypted.
There is, however, some good news – the percentage of retailers attacked by ransomware has dropped from 77 per cent to 69 per cent this year.
“Retailers are losing ground in the battle against ransomware,” said Chester Wisniewski, director, global field CTO at Sophos, in a statement. “Ransomware criminals have been encrypting increasingly greater percentages of their retail victims in the last three years, as evidenced by the steadily declining rate of retailers stopping cyber criminal attacks in progress.”
“Retailers must up their defensive game by setting up security that detects and responds to intrusions earlier in the attack chain,” Wisniewski said.
You can read the full report here.
Comments powered by CComment