83% of organizations paid up in ransomware attacks 

Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success. Learn More

Today, cloud network detection and response provider ExtraHop released the 2023 Global Cyber Confidence Index, which found that not only did the average number of ransomware attacks increase from four to five from 2021 to 2022, but also that 83% of victim organizations paid a ransom at least once. 

The report found that while entities like the FBI and CISA argue against paying ransoms, many organizations decide to eat the upfront cost of paying a ransom, costing an average of $925,162, rather than enduring the further operational disruption and data loss. 

Organizations “are paying ransoms because they believe it’s the quickest and easiest route to get their business back up and running,” said Jamie Moles, senior technical manager at ExtraHop.

At the same time, the popular double extortion modus operandi of many cyber gangs “incorporates stealing data before encrypting it and threatening to publish it on the internet if you don’t pay the ransom,” said Moles, thus placing extra pressure on organizations to pay up. 


Transform 2023

Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.


Register Now

The cost of cybersecurity debt 

The research comes just after KFC, Taco Bell and Pizza Hut parent company Yum! Brands announced it had experienced a ransomware breach. 

One of the underlying themes of ExtraHop’s report released today is that organizations are giving ransomware attackers leverage over their data by failing to address vulnerabilities created by unpatched software, unmanaged devices and shadow IT. 

For instance, 77% of IT decision makers argue that outdated cybersecurity practices have contributed to at least half of security incidents. 

Over time, these unaddressed vulnerabilities multiply, giving threat actors more potential entry points to exploit and greater leverage to force companies into paying up. 

“The probability of a ransomware attack is inversely proportional to the amount of unmitigated surface attack area, which is one example of cybersecurity debt,” said Mark Bowling, chief risk, security and information security officer at ExtraHop. “The liabilities, and, ultimately, financial damages that result from this de-prioritization compounds cybersecurity debt and opens organizations up to even more risk.”

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.

Source link: https://venturebeat.com/security/83-of-organizations-paid-up-in-ransomware-attacks/




Antonio Conte makes admission about future as Jamie O’Hara says Tottenham boss deserves stick after defeat to AC Milan and says Clement Lenglet is...

Jamie O’Hara blew his top at Tottenham’s performance and took swipes at Antonio Conte and the players. Spurs were beaten 1-0 by AC Milan...

FIFA reject Ukraine president Volodymyr Zelensky’s request for message of peace ahead of World Cup final between Argentina and France

FIFA has rejected a request from Ukraine president Volodymyr Zelensky to send a peace message ahead of the World Cup final. Argentina and France lock horns on Sunday, with Les...

Former Wallabies captain slams Aussie rugby

Former Wallabies captain Stephen Moore has slammed the current state of rugby union in Australia, saying he’s become “disillusioned with the game.”Moore,...

New No. 1 Aryna Sabalenka learns her projected path to winning Beijing

New No. 1 Aryna Sabalenka learns her projected path to winning Beijing © Getty Images Sport - Di Yin Aryna Sabalenka is set...

Inadequate: SEC Dismisses Bitcoin ETF Filings?

The SEC dismisses a wave of applications for spot Bitcoin ETFs as inadequate. The decision has...