The number of companies experiencing ransomware attacks is constantly growing. However, it seems that many are now doing something about it and not just giving in to the attackers’ demands.
A report from Sophos, based on a survey of 5,000 IT and cybersecurity leaders across 14 countries in the Americas, EMEA and Asia Pacific, found that almost all (97%) of those affected by ransomware , have decided to contact the police and government organizations for help.
More than half (59%) found the process simple enough, while only 10% called it very difficult.
Ransomware is still a threat
When they do work with law enforcement agencies and government, the report shows that these organizations receive a variety of assistance, including advice on dealing with ransomware (61%) and investigative work (60%).
Additionally, 58% of those who had their data encrypted received help recovering it.
For Chester Wisniewski, Field CTO Director at Sophos, reporting an incident was a major pain point due to the frequent shaming of victims. Better legislation and awareness have made reporting an incident normal, which has certainly helped the situation. “If the public and private sectors can continue to work as a group to help businesses, we can continue to improve our ability to quickly recover and gather information to protect others or even potentially hold those who carry out these attacks accountable.” keep,” he said.
While reporting the incident and getting help from the relevant authorities certainly helps, it has not slowed down ransomware operators, Sophos further says. Based on data from more than 150 incident response (IR) cases in 2023, the company said ransomware was the most common attack type for four consecutive years. In 70% of the IR cases Sophos’ X-Ops investigated, ransomware was the culprit.
To better tackle the ransomware threat, companies must move “from simply treating the symptoms of ransomware to preventing these attacks in the first place,” Wisniewski concluded, highlighting that many organizations are still failing to implement key security measures to implement.