The State of Ransomware in Financial Services 2024 – Sophos News


592 IT/cybersecurity leaders share their ransomware experiences from the last year, revealing fresh new insights into the realities facing them today.

The latest annual Sophos study of the real-world ransomware experiences of financial services organizations explores the full victim journey, from attack rate and root cause to operational impact and business outcomes.

This year’s report sheds light on new areas of study for the sector, including an exploration of ransom demands vs. ransom payments and how often financial services organizations receive support from law enforcement bodies to remediate the attack.

Download the report to get the full findings.

Attack rates have remained steady, but recovery is more expensive

65% of financial services organizations were hit by ransomware in 2024, in line with the 64% rate reported in 2023 but above the rate reported in the previous two years.

90% of financial services organizations hit by ransomware in the past year said that cybercriminals attempted to compromise their backups during the attack. Of the attempts, just under half (48%) were successful – one of the lowest rates of backup compromise across sectors.

49% of ransomware attacks on financial services organizations resulted in data encryption, a considerable drop from the 81% encryption rate reported in 2023. The sector reported the lowest data encryption rate across all sectors and the highest success rate in stopping attacks before data could be encrypted.

The mean cost in financial services organizations to recover from a ransomware attack was $2.58M in 2024, an increase from the $2.23M reported in 2023.

Devices impacted in a ransomware attack

On average, 43% of computers in financial services organizations are impacted by a ransomware attack, a little below the cross-sector average of 49%. Having your full environment encrypted is extremely rare, with only 4% of organizations reporting that 91% or more of their devices were impacted.

The propensity to pay the ransom has increased in financial services

62% of financial services organizations restored encrypted data using backups, and 51% paid the ransom to get data back. In comparison, globally, 68% used backups and 56% paid the ransom.

The three-year view of financial services organizations reveals that the gap between the use of backups and ransom payment has narrowed over the last 12 months. In 2023, 69% of financial services organizations used backups, and 43% paid the ransom to restore encrypted data after the attack.

A notable change over the last year is the increase in the propensity for victims to use multiple approaches to recover encrypted data (e.g., paying the ransom and using backups). In this year’s study, 37% of financial services organizations that had data encrypted reported using more than one method, more than double the rate reported in 2023 (16%).

Financial services victims rarely pay the initial ransom sum demanded

90 financial services respondents whose organizations paid the ransom shared the actual sum paid, revealing that the average (median) payment has increased 18X over the last year, from $109,000 to $2M.

Only 18% paid the initial ransom demand. 67% paid less than the original demand, while 15% paid more. On average, across all financial services respondents, organizations paid 75% of the initial ransom demanded by adversaries.

Download the full report for more insights into ransom payments and many other areas.

About the survey

The report is based on the findings of an independent, vendor-agnostic survey commissioned by Sophos of 5,000 IT/cybersecurity leaders across 14 countries in the Americas, EMEA, and Asia Pacific, including 592 from the financial services sector. All respondents represent organizations with between 100 and 5,000 employees. The survey was conducted by research specialist Vanson Bourne between January and February 2024, and participants were asked to respond based on their experiences over the previous year.