Retailers continue to suffer one of the highest rates of ransomware attacks of any industry, according to a new sectoral survey report published by Sophos, a global leader in next-generation cybersecurity.
The State of Ransomware in Retail 2022 report reveals that retail had the second highest rate of ransomware attacks last year of all sectors surveyed after the media, leisure, and entertainment industry. Globally, 77% of retail organisations surveyed were hit—a 75% increase from 2020. This is also 11% more than the cross-sector average attack rate of 66%.
With more than three in four suffering an attack in 2021, it certainly brings a ransomware incident into the category of when, not if, says Sophos Principal Research Scientist Chester Wisniewski.
“In Sophos’ experience, the organisations that are successfully defending against these attacks are not just using layered defenses, they are augmenting security with humans trained to monitor for breaches and actively hunting down threats that bypass the perimeter before they can detonate into even bigger problems,” he said.
“This year’s survey shows that only 28% of retail organisations targeted were able to stop their data from being encrypted, suggesting that a large portion of the industry needs to improve their security posture with the right tools and appropriately trained security experts to help manage their efforts.”
As the percentage of retail organisations attacked by ransomware increased, so did the average ransom payment. In 2021, the average ransom payment was $226,044, a 53% increase when compared to 2020 ($147,811). However, this was less than one-third the cross-sector average ($812K).
The research also revealed that 92% of retail organisations hit by ransomware said the attack impacted their ability to operate and 89% said the attack caused their organisation to lose business/revenue.
In the light of the survey findings, Sophos experts recommend the following best practices:
- Install and maintain high-quality defences across all points in the environment
- Proactively hunt for threats to identify and stop adversaries before they can execute attacks
- Harden the IT environment by searching for and closing key security gaps
- Prepare for the worst, and have an updated plan in place of a worst-case incident scenario
- Make backups, and practice restoring them to ensure minimal disruption and recovery time.
