SECURITY NEWS
97 % enterprises hit by ransomware in 2023 approached law enforcement for help , finds Sophos
Sophos , a global provider of innovative security solutions that defeat cyberattacks , released additional findings from its annual State of Ransomware 2024 survey . According to the report , among organisations surveyed , 97 % of those hit by ransomware over the past year engaged with law enforcement and , or official government bodies for help with the attack .
In addition , more than half , 59 % of those organisations that did engage with law enforcement found the process easy or somewhat easy . Only 10 % of those surveyed said the process was very difficult .
Based on the survey , impacted organisations reached out to law enforcement and , or official government bodies for a range of assistance with ransomware attacks . 61 % reported they had received advice on dealing with ransomware , while 60 % received help investigating the attack . 58 % of those that had their data encrypted received help from law enforcement to recover their data from the ransomware attack .
Chester Wisniewski , Director , Field CTO , Sophos
Companies have traditionally shied away from engaging with law enforcement for fear of their attack becoming public . If they are known to have been victimised it could impact their business reputation and make a bad situation worse . Victim shaming has long been a consequence of an attack , but we have made progress on that front , both within the security community and at the government level .
From the law enforcement side , while they have had some recent successes with takedowns and arrests from LockBit to Qakbot , these successes have proven to be more akin to temporary disruptions than longer term or permanent wins . Today ’ s threat environment is constantly evolving , and it is more severe and more complex than ever before .
“ New regulations on cyber incident reporting , for example , appear to have normalised engaging with law enforcement , and this survey data shows organisations are taking steps in the right direction ,” said Chester Wisniewski , Director , Field CTO , Sophos .
“ If the public and the private sectors can continue to galvanise as a group effort to help businesses , we can continue to improve our ability to recover quickly and gather intelligence to protect others or even potentially hold those conducting these attacks responsible .”
Recent in-the-field findings from Sophos X-Ops ’ Active Adversary report highlighted the continued threat of ransomware to small-and-medium sized businesses . Data from more than 150 incident response cases in 2023 found that ransomware was , for the fourth year running , the most frequently encountered attack type , occurring in 70 % of IR cases Sophos X-Ops investigated .
The most recent Active Adversary report showed that many organisations are still failing to implement key security measures that can demonstrably reduce their overall risk profile ; this includes patching their devices in a timely manner and enabling multi-factor authentication .
“ Criminals are successful in part due to the scale and efficiency with which they operate . To beat them back , we need to match them in both these areas . That means that , going forward , we need even greater collaboration , both within the private and public sector , and we need it at a global level ,” said Wisniewski .
16 www . intelligenttechchannels . com