Report: 90% of firms affected by ransomware in 2022

An annual SpyCloud survey discovered that 90% of organizations have been impacted by ransomware over the previous twelve months, an alarming enhance from final yr’s 72.5%.

To compile the 2022 Ransomware Protection Report, SpyCloud requested over 300 people in lively IT safety roles at U.S., UK and Canadian organizations with a minimum of 500 workers to guage the specter of ransomware, in addition to their firms’ cyber readiness, over the previous 12 months.

Their insights present that whereas firms have activated to strengthen their cybersecurity postures throughout the board in mild of the elevated risk of ransomware, criminals have gotten extra refined, leveraging gaps in safety to perpetrate assaults.

Regardless of elevated funding in cybersecurity, over the previous yr, the relentless tide of ransomware continued to disrupt operations and put organizations’ information in danger. Furthermore, organizations have been extra probably than final yr to be impacted greater than as soon as: 50% have been hit a minimum of twice, 20.3% have been hit between 6 and 10 instances and seven.4% have been attacked greater than 10 instances.

The rising prevalence of repeat assaults is a sign that in style strategies reminiscent of information backups –– which respondents noticed as their most essential ransomware countermeasure –– nonetheless go away delicate information uncovered. As soon as an assault has occurred, retrieving misplaced information doesn’t stop attackers from sharing it on the darkish net, permitting criminals to make use of it for future nefarious actions, together with their subsequent assault.

Malware hits safety protection gaps

Malware preparedness additionally represents a serious hole in organizations’ defenses. IT safety groups face a near-total lack of visibility into malware infections on unmanaged units used to entry work functions or accounts. In response to 87% of respondents, experiences of credential-stealing malware reminiscent of RedLine Stealer have elevated the concentrate on unmanaged private units as a possible entry level for ransomware.

Their considerations are well-founded: Malware infections are extra widespread than firms could notice. Via evaluation of botnet logs recaptured this yr alone, SpyCloud researchers recognized over 6 million malware-infected units with software credentials siphoned.

Whereas the report indicated organizations are making strides towards higher prevention –– people who applied or plan to implement multifactor authentication almost doubled to 96% from 56% final yr –– the report’s findings present that closing key gaps round uncovered information and malware is crucial to creating a dent within the battle in opposition to ransomware.

Learn the total report from SpyCloud.