
Sophos just released the State of Ransomware in Retail 2022 report, which looks at the most recent insights into ransomware attack rates, costs, recovery, and payouts by retail organizations last year.

The report is based on an annual study of real-life ransomware experiences of IT professionals. The study reveals the continually growing challenges in cyber security, with the retail sector reporting above-average financial and operational impacts of ransomware attacks. It also offers insight into the relationship between ransomware and cyber insurance and how cyber insurance is driving changes to cyber defenses.

Here are some highlights from the report: 

  • Retail reported a 75% increase in the rate of ransomware attacks over the last year: 77% of organizations were hit in 2021, up from 44% in 2020
  • The increased attack rate is part of a cross-sector, global trend. The retail sector reported the second-highest rate of ransomware attacks across all sectors
  • Retail experienced an above-average rate of data encryption at 68%; for comparison, the global average was 65%
  • Only 28% of retail respondents said they were able to stop an attack before data could be encrypted – below the global average of 31%
  • 49% of retail organizations paid the ransom to restore data – higher than the global average of 46%
  • The amount of data restored by retail after paying the ransom dropped from 67% in 2020 to 62% in 2021. Following the same trend, the percentage of retail organizations that got ALL their encrypted data back went down from 9% in 2020 to 5% in 2021. For comparison, the global average in 2021 was 4%.
  • The average ransom payment by retail was less than one-third of the cross-sector average: $226,044 in retail vs $812,360 across sectors
  • The overall cost to remediate a ransomware attack for retail organizations dropped over the last year, down from US$1.97M in 2020 to US$1.27M in 2021. The cross-sector average was US$1.4M, for comparison.
  • 88% of retail organizations reported having cyber insurance coverage against ransomware – the second-highest rate across all sectors, compared with the cross-sector average of 83%
  • Cyber insurance is driving retail organizations to improve cyber defenses – 97% in retail have upgraded their cyber defenses to secure coverage
  • Retail reported a below-average rate of ransom payout by insurance providers at 35% compared to the cross-sector average of 40%

The increasing rate of ransomware attacks in retail demonstrates that adversaries have become considerably more capable of executing attacks at scale by successfully deploying the ransomware-as-a-service model.

Most retail organizations are choosing to reduce the financial risks associated with such attacks by taking cyber insurance. For them, it is reassuring to know that insurers pay some costs in almost all claims. However, the sector has one of the lowest ransom payout rates by cyber insurers.

It is getting harder for organizations, especially in the retail sector, to secure coverage. This has driven almost all retail organizations to make changes to their cyber defenses to improve their cyber insurance positions.

Read the full report: The State of Ransomware in Retail 2022

Source: https://news.sophos.com/en-us/2022/09/07/the-state-of-ransomware-in-retail-2022/