The retail sector emerged as the second most targeted industry by ransomware attackers in 2021.
According to a new sectorial survey report by Sophos, a global next-generation cybersecurity firm, ‘The State of Ransomware in Retail 2022’, the retail industry had the second highest rate of ransomware attacks last year of all sectors surveyed after the media, leisure, and entertainment industry.
The survey showed that 77 percent of retail organizations were hit globally, representing a 75 percent increase from 2020, which is also 11 percent more than the cross-sector average attack rate of 66 percent.
Chester Wisniewski, principal research scientist, Sophos said, “Retailers continue to suffer one of the highest rates of ransomware attacks of any industry. With more than three in four suffering an attack in 2021, it certainly brings a ransomware incident into the category of when not if. In Sophos’ experience, the organizations that are successfully defending against these attacks are not just using layered defenses, they are augmenting security with humans trained to monitor for breaches and actively hunting down threats that bypass the perimeter before they can detonate into even bigger problems.”
“This year’s survey shows that only 28 percent of retail organizations targeted were able to stop their data from being encrypted, suggesting that a large portion of the industry needs to improve their security posture with the right tools and appropriately trained security experts to help manage their efforts,” Wisniewski said
Sophos noted that the average ransom payment also increased, as the percentage of retail organizations attacked by ransomware increased.
The Cybersecurity firm stated that in 2021, the average ransom payment was $226,044, representing a 53 percent increase when compared to 2020 which stood at $147, 81.
However, the report showed that this was less than one-third of the cross-sector average of $812.
Wisniewski said, “It’s likely that different threat groups are hitting different industries. Some of the low-skill ransomware groups ask for $50,000 to $200,000 in ransom payments, whereas the larger, more sophisticated attackers with increased visibility demand $1 million or more.”
“With Initial Access Brokers (IABs) and Ransomware-as-a-Service (RaaS), it’s unfortunately easy for bottom-rung cybercriminals to buy network access and a ransomware kit to launch an attack without much effort. Individual retail stores and small chains are more likely to be targeted by these smaller opportunistic attackers,” he said.
While the retail sector was the second most targeted industry, additional findings by the Cybersecurity company show that the perceived increase in the volume and complexity of cyber-attacks against the industry were slightly below the cross-sector average of 55 percent and 55 percent respectively.
Meanwhile, 92 percent of retail organisations hit by ransomware said the attack impacted their ability to operate and 89 percent said it caused their organization to lose business/revenue
In 2021, the overall cost to retail organizations to remediate a ransomware attack was $1.27M, down from $1.97M in 2020, according to the report.
Also, it stated that when compared to 2020, the amount of data recovered after paying the ransom decreased from 67 percent to 62 percent.
Sophos experts in line with the survey recommend that organizations install and maintain high-quality defenses across all points in the environment and review security controls regularly, ensuring they continue to meet the organization’s needs.
Similarly, experts urged organisations to proactively hunt for threats to identify and stop adversaries before they can execute attacks, adding the need to outsource, if the team lacks the time or skills to do this in-house.