The number of companies suffering ransomware attacks is constantly growing - however, it does seem many are now doing something about it and not just succumbing to the attackers’ demands.
A report from Sophos based on a survey of 5,000 IT and cybersecurity leaders in 14 countries across the Americas, EMEA, and Asia-Pacific has found nearly all (97%) of those hit by ransomware decided to reach out to the police and government organizations for help.
More than half (59%) found the process simple enough, with just 10% calling it very difficult.
Ransomware is still a threat
When they do engage with law enforcement and the government, the report found these organizations get different types of help, including advice on dealing with ransomware (61%) and investigative work (60%).
Furthermore, 58% of those that had their data encrypted got help recovering it.
For Chester Wisniewski, director, Field CTO, Sophos, reporting an incident was a major pain point due to frequent victim shaming. Between better legislation and awareness building, reporting an incident has become normalized, which definitely helped the situation. “If the public and the private sectors can continue to galvanize as a group effort to help businesses, we can continue to improve our ability to recover quickly and gather intelligence to protect others or even potentially hold those conducting these attacks responsible,” he said.
While reporting the incident, and getting help from relevant authorities definitely helps, it hasn’t slowed ransomware operators down, Sophos further said. Citing data from more than 150 incident response (IR) cases in 2023, the company said that ransomware was the most frequently encountered attack type for four consecutive years. In 70% of IR cases Sophos’ X-Ops investigated, ransomware was the culprit.
To better tackle the ransomware threat, businesses need to move “from simply treating the symptoms of ransomware, to preventing those attacks in the first place”, Wisniewski concluded, stressing that many organizations still fail to implement key security measures.
More from TechRadar Pro
- Yet another Ivanti VPN critical security flaw is being exploited, so patch now
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now