2021 State of Ransomware Report Reveals 83% of Victims Paid to Get Data Restored
October 2021 by ThycoticCentrify
ThycoticCentrify released new research confirming that ransomware has become a preferred method for cyberattacks, with nearly two out of three companies (64%) surveyed admitting to be victims of a ransomware attack in the last 12 months.
The report, titled “2021 State of Ransomware Survey & Report: Preventing and Mitigating the Skyrocketing Costs and Impacts of Ransomware Attacks,” is based on survey responses from 300 U.S. based IT business decision makers. It further reveals that more than four out of five (83%) ransomware attack victims felt they had no choice but to pay ransom demands to restore their data.
The report highlights how organizations are responding to the growing threats from ransomware attacks, including:
• 72% have seen cybersecurity budgets increase due to ransomware threats
• 93% are allocating special budget to fight ransomware threats
• 50% said they experienced loss of revenue and reputational damage from an attack
• 42% indicated they had lost customers as a result of an attack
"Our research shows ransomware is a threat to organizations of all sizes and levels of sophistication,” said Art Gilliland, CEO at ThycoticCentrify. “The first line of defense should be solutions that secure privileged access, including multi-factor authentication (MFA) and other methods of enforcing Zero Trust, to keep would-be cyber criminals contained and limit the damage they can inflict.”
The report features three main takeaways with recommendations and resources to help mitigate damage from an attack.
1. With so many organizations victimized by ransomware attacks, it is more important than ever that organizations prioritize creating an incident response plan to avoid being added to the growing list that have paid the ransom demand.
2. While increasing cybersecurity budgets for network and cloud security solutions, organizations must also understand and prioritize the requirements for preventing exploit escalation with PAM security that enforces least privileged access.
3. Preventing ransomware attacks by practicing basic cybersecurity hygiene such as regular backups, timely patching, MFA, and password protection is essential. However, PAM policies that make least privileged access a priority enable security teams to identify the attack entry point, understand what happened, help remediate, and ultimately protect restored data.