Ransomware found difficult to prevent even when victims are prepared

In the 2021 Ransomware Victims Report, 200 IT decision makers for organisations that have experienced a  ransomware attack between 2019-2021 were surveyed.

It was discovered that most organisations breached had various security measures in place to defend against ransomware attacks, with nearly half (49%) of the victims having perimeter defenses such as end-point security protection, whilst 43% having implemented internal controls, and 53% with encryption for data.

Ransomware assaults were not only difficult to prevent, but they also succeeded quickly. Over half of the respondents (56%) said the hackers took control of the data in 12 hours, whilst 30% said hackers gained control in 24 hours. 

For 76% of organisations that reported phishing as the initial entry point, hackers gained control in less than 12 hours. 

According to the report, phishing remained the easiest path and most popular route for ransomware attacks. Despite employees being trained to avoid them, the majority of phishing attacks succeeded - with over half of organisations (54%) breached had conducted anti-phishing training for employees before experiencing an attack. 

Other findings include:

• More than half (55%) of the organizations chose to pay the ransom after an attack. 
• Organizations that paid the ransom spent an average of $183,000 more in additional costs above the direct ransom payment. Despite this only 57% of organisations fully recovered their data.
• Cyber insurance only covered around 60% of the ransom payment and additional costs for almost 80% of the victims.