Sep 20, 2022 - Technology

Report: Ransomware is growing despite company investments

Illustration of a ransom note made of binary numbers.
Illustration: Shoshana Gordon/Axios

Despite increasing company budgets for cybersecurity, ransomware attacks still affected nine in 10 U.S., U.K. and Canadian organizations in the last year.

Driving the news: Cybersecurity company SpyCloud released a report today based on a survey of 310 IT professionals at organizations with at least 500 employees. The survey was conducted between September 2021 and August 2022.

By the numbers: In the survey, 90% said they were affected by ransomware in the last 12 months — up from 72.5% the year before.

  • At the same time, at least half of respondents said the classic ransomware prevention tools — such as multifactor authentication and phishing email detection — were "already in good shape" in their companies.
  • Companies with more than 25,000 employees saw the biggest jump in ransomware: 82% were targeted in the last year, compared to 52% the year before.

Why it matters: The tools and plans companies invest in to prevent ransomware don't appear to be working,

  • Many have relied heavily on classic solutions like multifactor authentication and data backup systems, overlooking other issues like compromised web sessions and stolen login credentials sold on the dark web.
  • Roughly one in four IT professionals said their companies plan to invest in credential-monitoring tools in the next year.

The intrigue: More companies have turned to alternative ransomware response methods in the last year.

  • 72% said they purchased a ransomware-specific rider to their cyber insurance policies, compared to just half last year.
  • 45% have retained a third-party crypto payment broker, compared to 36% last year, since most ransomware gangs demand bitcoin during attacks.

Between the lines: 65% of respondents whose companies were hit by ransomware ended up paying a ransom to the hackers. But only half of them recovered the data fully after payment.

💭 Sam's thought bubble: Ransomware hackers — like most cyber criminals — are finding new avenues to break into companies as their tools and techniques become more widely known.

  • But companies can still get ahead of the curve: Raising awareness about attacks targeting employees' personal devices and monitoring the dark web for stolen employee credentials are good ways to stay one step ahead.

Sign up for Axios’ cybersecurity newsletter Codebook here.

Go deeper