50% of firms fell victim to ransomware attacks in 2022, shows report

About 50 per cent organisations fell victim to ransomware attacks in 2022, despite 78 per cent of the firms claiming they were "very" or "extremely" prepared to mitigate an attack, a new report showed on Wednesday.

According to the 2023 Global Ransomware Report by cybersecurity firm Fortinet, the global threat of ransomware remains at peak levels, with half of the organisations across all sizes, regions and industries falling victim in the last year.

The survey was conducted among 569 cybersecurity leaders from 31 different locations around the world, including the US, UK, France, India, and Japan, among others.

"According to the Fortinet research released today, though three out of four organisations detected ransomware attacks early, half still fell victim to them. These results demonstrate the urgency to move beyond simple detection to real-time response. However, this is only part of the solution as organisations cited the top challenges in preventing attacks were related to their people and processes," said Vishak Raman, Vice President of Sales, India, SAARC and Southeast Asia at Fortinet.

Moreover, the report said that four out of the five top challenges to stopping ransomware were people or process related.

Despite most (72 per cent) detecting an incident within hours, and sometimes minutes, the percentage of organisations paying ransom remains high, with almost three-quarters of the respondents making some form of ransom payment.

Specifically, one-quarter of attacks among manufacturing organisations received a ransom of $1m or higher, while almost all organisations (88 per cent) reported having cyber insurance, almost 40 per cent didn't receive as much coverage as expected and, in some cases, didn't receive any because of an exception from the insurer.

While ransomware concerns are high, nearly all organisations (91 per cent) expect to boost their security budgets in the following year, despite challenging economic conditions, the report said.

Since email phishing remained the most common method for gaining entry into attacks for the second straight time, it was encouraging to see respondents give higher importance to Secure Email Gateway (51 per cent); however, Sandboxing (23 per cent), Network Segmentation (20 per cent), and other important protections remained low on the list.

In addition, the report found that organisations using point products were the most likely to fall victim to an attack in the last year.

Further, almost all respondents (99 per cent) viewed integrated solutions or a platform as essential to preventing ransomware attacks.

--IANS

shs/prw/bg