Signs point to a global drop in general ransomware attacks, but the urgency of boosting cybersecurity hygiene has never been greater.

A recent survey of 5,400 IT decision makers across 30 countries conducted in January and February 2021 has pointed to a doubling (or more) of financial damage in the Asia Pacific region and Japan (APJ).

The survey, commissioned by cybersecurity firm Sophos, notes that the number of organizations experiencing a ransomware attack fell from 53% of respondents in 2020 to 39% in 2021, and that fewer organizations suffered data encryption as the result of a significant attack (68% in 2021 compared to 81% in 2020). Even so, the results reveal worrying upward trends, particularly in the impact of a ransomware attack once it succeeds.

While the apparent decline in the number of organizations being hit by ransomware is good news, it is tempered by the fact that it likely reflects a change in attacker patterns: fewer opportunistic attacks, more targeted ones. The firm asserts that the potential for damage from these more advanced and complex targeted attacks is much higher, making them harder and more expensive to recover from.

Even among organizations that opted to pay the ransom, none of those that paid actually got back all their data, which implies that paying does not pay. Meanwhile, recovering from a ransomware attack can take years and involves far more than decrypting and restoring data: whole systems need to be rebuilt from the ground up, and then there is the operational downtime and customer impact to consider.

Tips for staying on guard

According to Sophos, organizations should realize that it is more important than ever to protect against adversaries at the door, before they get a chance to take hold and unfold their increasingly multi-faceted attacks.

To stay prepared and defended against ransomware, the firm offers the following reminders:

  1. Assume you will be hit
  2. Make backups and keep a copy offline
  3. Deploy layered protection
  4. Combine human experts and anti-ransomware technology
  5. Do not pay the ransom
  6. Have a malware recovery plan

Oh, and one last thing: the report noted that 3% of respondents had experienced a ransomware attack in which their data had not been encrypted at all. The attackers held them to ransom anyway, because the data had been exfiltrated and could be posted publicly if the ransom was not paid.