Ransomware attacks have evolved from sporadic incidents into a constant threat that keeps companies around the world on their toes. According to the latest Ransomware Risk Report 2024, published by Semperis in collaboration with Censuswide, the threat posed by ransomware is not only omnipresent, but also increasingly complex and serious. The report is based on a survey of 900 IT and security managers from the US, UK, France and Germany and sheds light on the frequency, severity and consequences of ransomware attacks.
Key findings from the report
- Frequency and repetition of attacks:
  - 74% of affected companies were attacked multiple times, often within short periods of time.
  - In certain sectors, such as IT/telecom and transport, even simultaneous attacks were not uncommon.
- Economic damage and business disruption:
  - 87% of attacks resulted in significant operational disruption, including data loss and the need to take systems offline.
  - The consequences range from loss of sales and layoffs to reputational damage and even business closures.
- Ransom payments as common practice:
  - 78% of attacked companies paid ransoms, and 32% paid four or more times within a year.
  - The average ransom payments were often over USD 600,000, and in Germany in particular the payments were significantly higher.
- Lack of specific backup and recovery systems: Although many organizations have general backup systems in place, only 27% have dedicated systems for restoring identity controls, such as Active Directory.
Recommendations for companies
- Increased resilience through an “Assume Constant Breach” mentality: Companies should adapt their security strategies to prepare for constant attacks. Assuming a constant threat state allows them to respond to security incidents faster and more effectively.
- Strengthening identity systems: Since identity systems such as Active Directory are a primary target for attackers, it is critical to implement dedicated backup and recovery systems. Robust identity and access management is key to minimizing the impact of ransomware attacks.
- Reducing dependence on ransom payments: Companies should regularly test their contingency plans and ensure they have effective measures in place to recover without payments. The report shows that payments often do not guarantee recovery and do not prevent long-term damage.
- Board-Level Engagement: The report emphasizes the need for top management, including the board, to take the threat seriously and invest in cyber resilience. Cybersecurity is no longer just an IT issue, but a strategic necessity.
Conclusion
The Ransomware Risk Report 2024 makes it clear that ransomware is not just a technical risk, but a comprehensive business risk. Companies must act proactively, continuously check their systems for vulnerabilities and strengthen their resilience to attacks. Only a holistic and well-coordinated security strategy can minimize the devastating effects of ransomware.
Latest articles by Attorney Jens Ferner (Specialist in IT & Criminal Law) (Show all)