South African companies getting nailed by ransomware — and they are paying up

(000228.79-:E-000157.73:N-:R-SU:C-30:V)   


Jan‘s Advertisement
Video: 50 Years of Race War in southern Africa presented by Jan in Canada
This lecture is JAM PACKED with tons of facts about us Whites in southern Africa and the wars we fought against Black Communists and AGAINST BLACK RULE. We did NOT want to be ruled by Blacks.In this lecture, I show photos and also videos about many of the key things that happened between us and the Blacks. This is primarily a presentation of how we fought wars over decades, even though there were only a few of us.


[It's interesting that so many companies are being hit. Not that I care. These are all anti-White businesses. Jan]

British cybersecurity company Sophos released its State of Ransomware 2022 report, revealing that 51% of South African organisations surveyed in its study were hit with ransomware in 2021.

Of the companies hit with ransomware, 49% of them ended up paying the ransom to retrieve their data, regardless of whether they had other means of recovery.

According to Sophos principal research scientist Chester Wisniewski, the number of victims paying ransoms is increasing.

“The survey shows that, globally, the proportion of victims paying the ransom continues to increase, even when they may have other options available,” Wisniewski said.

“There could be several reasons for this, including incomplete backups or the desire to prevent stolen data from appearing on a public leak site.”

He explained that there is often pressure on the organisation to return to normality as rapidly as possible in the aftermath of a ransomware attack, hence the willingness to pay ransoms.

“Restoring encrypted data using backups can be a difficult and time-consuming process, so it can be tempting to think that paying a ransom for a decryption key is a faster option. It’s also an option fraught with risk,” Wisniewski said.

“Organisations don’t know what the attackers might have done, such as adding backdoors, copying passwords and more.”

Wisniewski emphasised the need for organisations that have had their systems encrypted to clean up the recovered data.

“If organisations don’t thoroughly clean up the recovered data, they’ll end up with all that potentially toxic material in their network and potentially exposed to a repeat attack,” he said.

The main findings for South Africa in the State of Ransomware 2022 global survey include:

A substantial proportion (49%) of organisations are paying ransom remands
The after-effects of a ransomware attack can be vast, with the cost to recover from the most recent attack in 2021 being $710,000 (R11.5 million)
77% of organisations rely on cyber insurance that covers ransomware attacks. In 99% of incidents, the insurer paid all or some of the costs.

“The findings suggest we may have reached a peak in the evolutionary journey of ransomware, where attackers’ greed for ever higher ransom payments is colliding head-on with a hardening of the cyber insurance market as insurers increasingly seek to reduce their ransomware risk and exposure,” Wisniewski said.

He expects even higher ransom demands in the future as cyber insurers cover a range of recovery costs, and it becomes increasingly easy for cybercriminals to deploy ransomware.

“However, the results indicate that cyber insurance is getting tougher and in the future ransomware victims may become less willing or less able to pay sky-high ransoms,” Wisniewski added.

He also stated that this was unlikely to reduce the overall risk of ransomware attacks.

Sophos provided some best practice recommendations to protect organisations against cyber attacks and ransomware:

Maintain high-quality defences across all points in the organisation. Review security controls regularly to ensure they continue to meet the organisation’s needs.
Hunt for threats proactively to identify and stop actors before they execute their attack. If an organisation doesn’t have the capacity to do so, it can outsource to a managed detection and response specialist.
Search for and close key security gaps, including unpatched devices, unprotected machines, open Remote Desktop Protocol ports, etc.
Prepare for the worst. Know what to do if a cyber incident occurs and keep the plan updated.
Make backups, and practice restoring data from them so that the organisation can return to services as quickly as possible.

Source: https://mybroadband.co.za/news/security/443728-south-african-companies-getting-nailed-by-ransomware-and-they-are-paying-up.html?utm_source=newsletter



Jan‘s Advertisement
Video & Audio: The Military Mystery of why Ukraine Invaded Kursk in Russia
Nobody, not even military experts can explain exactly why the Ukrainians invaded Kursk in Russia. All the reasons that are given are minor and do not in any way really explain why the Army and the Government would throw their best troops into fighting for this Russian area that has no value.

%d bloggers like this:
Skip to toolbar