Sophos State of Ransomware 2020 Report Shows Dangers of Paying
Sophos recently released the State of Ransomware 2020 report. This report surveyed 5,000 IT decision-makers around the world, generating new insights when a ransomware attack hits. According to the report, around 51 percent of businesses suffered a significant ransomware attack in the previous 12 months.
Sophos develops products for communication endpoint, encryption, and email security. Additionally, it provides cloud-native data security, network security, mobile security, and unified threat management. Among its offerings, Sophos offers the Intercept X Endpoint, the XG Firewall, and Managed Threat Response.
In the State of Ransomware 2020 report, Sophos researchers found the average total cost of a ransomware attack for businesses that pay the attack approaches $1.4 million. Meanwhile, those who refuse to pay the ransomware found their costs halved to around $732,000. Criminals successfully encrypted files in 73 percent of attacks and breaches. Moreover, 27 percent of organizations said they paid the ransom, despite that encouraging future attacks. 56 percent of professionals recovered their data via backup without paying the ransom.
Chester Wisniewski, principal research scientist, Sophos, gave a statement with the release of the State of Ransomware 2020 report. “Organizations may feel intense pressure to pay the ransom to avoid damaging downtime. On the face of it, paying the ransom appears to be an effective way of getting data restored, but this is illusory.”
“Sophos’ findings show that paying the ransom makes little difference to the recovery burden in terms of time and cost. This could be because it is unlikely that a single magical decryption key is all that’s needed to recover. Often, the attackers may share several keys and using them to restore data may be a complex and time-consuming affair.”
Learn more about Sophos here.
Ben Canner
Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
- The Best Udacity Nanodegree Programs for Cybersecurity - December 27, 2023
- 7 Best Endpoint Security Courses on Udemy to Consider - December 26, 2023
- The 12 Best Cybersecurity LinkedIn Learning Courses - December 17, 2023
