South African companies getting nailed by ransomware — and they are paying up

British cybersecurity company Sophos released its State of Ransomware 2022 report, revealing that 51% of South African organisations surveyed in its study were hit with ransomware in 2021.

Of the companies hit with ransomware, 49% of them ended up paying the ransom to retrieve their data, regardless of whether they had other means of recovery.

According to Sophos principal research scientist Chester Wisniewski, the number of victims paying ransoms is increasing.

“The survey shows that, globally, the proportion of victims paying the ransom continues to increase, even when they may have other options available,” Wisniewski said.

“There could be several reasons for this, including incomplete backups or the desire to prevent stolen data from appearing on a public leak site.”

He explained that there is often pressure on the organisation to return to normality as rapidly as possible in the aftermath of a ransomware attack, hence the willingness to pay ransoms.

“Restoring encrypted data using backups can be a difficult and time-consuming process, so it can be tempting to think that paying a ransom for a decryption key is a faster option. It’s also an option fraught with risk,” Wisniewski said.

“Organisations don’t know what the attackers might have done, such as adding backdoors, copying passwords and more.”

Wisniewski emphasised the need for organisations that have had their systems encrypted to clean up the recovered data.

“If organisations don’t thoroughly clean up the recovered data, they’ll end up with all that potentially toxic material in their network and potentially exposed to a repeat attack,” he said.

The main findings for South Africa in the State of Ransomware 2022 global survey include:

A substantial proportion (49%) of organisations are paying ransom demands
The after-effects of a ransomware attack can be vast, with the cost to recover from the most recent attack in 2021 being $710,000 (R11.5 million)
77% of organisations rely on cyber insurance that covers ransomware attacks. In 99% of incidents, the insurer paid all or some of the costs.

“The findings suggest we may have reached a peak in the evolutionary journey of ransomware, where attackers’ greed for ever higher ransom payments is colliding head-on with a hardening of the cyber insurance market as insurers increasingly seek to reduce their ransomware risk and exposure,” Wisniewski said.

He expects even higher ransom demands in the future as cyber insurers cover a range of recovery costs, and it becomes increasingly easy for cybercriminals to deploy ransomware.

“However, the results indicate that cyber insurance is getting tougher and in the future ransomware victims may become less willing or less able to pay sky-high ransoms,” Wisniewski added.

He also stated that this was unlikely to reduce the overall risk of ransomware attacks.

Sophos provided some best practice recommendations to protect organisations against cyber attacks and ransomware:

Maintain high-quality defences across all points in the organisation. Review security controls regularly to ensure they continue to meet the organisation’s needs.
Hunt for threats proactively to identify and stop actors before they execute their attack. If an organisation doesn’t have the capacity to do so, it can outsource to a managed detection and response specialist.
Search for and close key security gaps, including unpatched devices, unprotected machines, open Remote Desktop Protocol ports, etc.
Prepare for the worst. Know what to do if a cyber incident occurs and keep the plan updated.
Make backups, and practice restoring data from them so that the organisation can return to services as quickly as possible.

Source: https://mybroadband.co.za/news/security/443728-south-african-companies-getting-nailed-by-ransomware-and-they-are-paying-up.html


