Ransomware tactics are evolving. So are companies’ perspectives on the best strategies to prepare and respond. As ransomware spreads, security, IT, and business leaders grapple with tough decisions on cyber controls, incident response, and ransomware payouts.
In our second annual ransomware research survey, we look beyond the latest ransomware attack statistics to explore changing attitudes and learn about the experiences of companies battling ransomware in 2022. We surveyed over 300 decision-makers across the United States from various industries to get insights from the folks in the trenches. We compare ransomware statistics from year to year to see what has changed. What we know provides insight into the future of ransomware in 2023 and beyond.
An important question we ask is: Are ransomware attacks getting worse?
The answer depends on how you look at it.
What we learned from the survey:
Only 25% of this year’s survey respondents said they had been a victim of ransomware in the last 12 months. This is a drop from the overall ransomware attack rate of 64% last year.
Let’s say the larger the company, the more likely it is to be attacked by ransomware. In 2022, 56 percent of companies with 100 or more employees will encounter a ransomware attack, compared to 70 percent in 2021 (14 percent reduction).
Meanwhile, 13 percent of companies with fewer than 100 employees said they were victims of ransomware in the last year, compared to 34 percent in previous surveys (a 21 percent drop).
These findings support large-scale research measuring the number of ransomware attacks in the cyber industry. For example, GuidePoint Research reported that ransomware attacks slowed 35% in the second quarter of 2022 compared to the first quarter. Digital Shadows, which monitors ransomware groups on a daily basis, reported a 10% drop from the second quarter of 2022 to the third quarter of 2022.
The cybersecurity community is watching this trend closely, as ransomware attack statistics change frequently.
There are many reasons we’ve seen ransomware attacks lately. The decline in ransomware could be the result of a combination of these five factors.
Conti, the leading ransomware group, is dissolved
The ransomware supply chain consists of criminal gangs that share technology and profits. A gang often includes cryptographers, black hat cybercriminals who gain and sell access, keyboard attackers who exploit hacking, and criminals who communicate about redemption and distribution control.
Conti is one of the most famous ransomware-as-a-service cartels and has been responsible for many ransomware attacks in recent years. They disbanded in May 2022 and shut down their website.
While this may lead to a temporary reduction in ransomware cases, terrorist groups and other gangs are emerging. Today it is an internet connection and social network that all cybercriminals need to mount a successful ransomware attack, so the effect will be short-lived.
Security controls to prevent ransomware execution
companies are investing in new tools and security controls for ransomware detection and control.
For many organizations, these practices have successfully prevented or prevented attacks. It is unlikely that cybercriminals will attack a network that will alarm and expose them. Instead, attackers will turn to more victims.
Self-disclosure has no effect on the attack
The cynics among us will say that companies that admit to being attacked by ransomware are in decline.
Businesses and organizations are obliged to report cyber incidents that put customers’ personal and other information at risk, but not all companies and organizations have this compliance. They can pay the ransom silently and keep it a secret. In some organizations, not all employees know if a ransomware attack has occurred.
Increases and decreases in ransomware volume are seasonal
As ransomware groups gather resources, these periods of decline may represent different trends in activity.
In the fourth quarter, the historical peak of ransomware activity, companies of all industries and sizes need to be on the alert as cybercriminals take advantage of the holiday season boost in e-commerce.
Also Check Our New Online Video Downloader
Ransomware payments are on the rise
so the more criminals take, the less risk. In the first five months of 2022, Unit 42 emergency responders’ incident compensation approached $1 million, up 71% from the same period last year. In addition to compensation, companies also pay for medical expenses, downtime and loss of reputation.
If you’re a cybercriminal, you’d rather get a good salary and risk getting caught multiple times for lower returns than just getting to work. Maybe ransomware attacks have gotten better now.
Where does that leave us?
In the end, it doesn’t matter whether you know whether the volume or price of ransomware has increased or decreased. If you still think the next event will be for you, this will be for the best. Taking steps to mitigate the impact of ransomware and developing a strategy to respond to an attack is critical to cyber resilience and business continuity.
Full report with a few key insights from the latest ransomware research:
- Different ransomware motives make every organization a potential victim
- Whether business was affected or downgraded in the Ransomware Challenge, many companies refuse to pay for ransomware.