"Three-Quarters of Retail Ransomware Attacks End in Encryption"

According to security researchers at Sophos, the share of global retailers hit by a serious ransomware breach over the past 12 months fell nearly 10 percentage points year-on-year (YoY), but just 26% were able to disrupt an attack before data was encrypted.  The researchers polled 355 IT and cybersecurity leaders in retail organizations with between 100 and 5000 employees.  The researchers noted that although the percentage of breached retailers dropped from 77% last year to 69% this year, the share of respondents able to prevent encryption dropped from 34% in 2021 to 28% in 2022.  The researchers stated that the impact on affected businesses is clear: the share of retailers able to recover from an attack in less than a day decreased from 15% in 2022 to 9% this year, while the percentage that took more than a month to recover increased from 17% to 21% over the same period.  The researchers also found that victim retailers that did pay up ended up with median recovery costs four times that of firms that used backups to recover their data ($3m versus $750,000).
 

Infosecurity reports: "Three-Quarters of Retail Ransomware Attacks End in Encryption"