Sophos: Ransomware is crippling retail organizations
Retail organizations faced a growing threat from ransomware attacks, with fewer managing to stop the encryption of their data. Sophos, a cybersecurity leader, revealed that only a quarter of retailers prevented data encryption during attacks in the last year, marking a decline from previous years.
This trend indicated a struggle to intercept ongoing ransomware assaults.
“Retailers are losing ground in the battle against ransomware,” said Chester Wisniewski, director, global field CTO, Sophos. “Ransomware criminals have been encrypting increasingly greater percentages of their retail victims in the last three years, as evidenced by the steadily declining rate of retailers stopping cybercriminal attacks in progress. Retailers must up their defensive game by setting up security that detects and responds to intrusions earlier in the attack chain.”
Sophos: Cybercriminals run contests to advance techniques
Cybercriminals scam each other — Sophos
Organizations that paid the ransom faced significantly higher recovery costs compared to those who restored their data from backups. Despite nearly half of the retail victims yielding to ransom demands, their median recovery expenses were four times greater.
Wisniewski stressed the importance of robust defenses and rebuilding systems rather than funding cybercriminals.
Key findings outlined the escalating rate of encryption in the retail sector, with a majority falling victim to data encryption by ransomware. Although the percentage of attacks slightly decreased, the time taken for recovery varied, with fewer organizations managing swift restoration.
Boosting cyber defense
Sophos recommended various strategies to boost defenses against ransomware, including enhanced security tools, Zero Trust Network Access, adaptive technologies, and continual threat detection and response. The cybersecurity-as-a-service provider emphasized the necessity of proactive measures such as regular backups, data recovery drills, and updated incident response plans, alongside maintaining stringent security practices like timely patching and constant security tool evaluations.
The survey, participated by 3,000…