Sophos’ latest annual study of the real-world ransomware experiences of retail organizations explores the full victim journey, from attack rate and root cause to operational impact and business outcomes.
This year’s report sheds light on new areas of study, including a comparison of ransom demands vs. ransom payments and how often retail organizations receive help from law enforcement bodies to remediate attacks.
Download the report to explore the full findings.
Attack rates have dropped, but recovery is more expensive
45% of retail organizations reported they were hit by ransomware last year. This is a notable and welcome drop from the 69% and 77% ransomware rates reported in 2023 and 2022, respectively.
92% of retail organizations hit by ransomware in the past year said that the cybercriminals attempted to compromise their backups during the attack. Of those attempts, 47% were successful.
56% of ransomware attacks on retail organizations resulted in data encryption, a considerable drop from the 71% reported in 2023 and 68% in 2022. The data encryption rate in retail was notably lower than the global cross-sector average of 70% and the lowest across all sectors apart from financial services (49%).
Retail reported the second-highest data extortion rate (5%), jointly with financial services. In these attacks the data was not encrypted, but the organization was still held for ransom over the stolen data.
The mean cost for retail organizations to recover from a ransomware attack was $2.73M in 2024, an increase from the $1.85M reported in 2023.
Devices impacted in a ransomware attack
On average, 40% of computers in retail are impacted by a ransomware attack. Having the full environment encrypted is extremely rare, with only 2% of organizations reporting that 91% or more of their devices were impacted.
Retail’s propensity to pay the ransom has increased
66% of retail organizations restored encrypted data using backups, while 60% paid the ransom to get data back. The use of backups in retail organizations has fallen slightly for the second consecutive year, but what is more concerning is the sector’s propensity to pay the ransom, which has increased considerably over the last year.
A notable change over the last year is the increase in the propensity for victims to use multiple approaches to recover encrypted data (e.g., paying the ransom and using backups). In this year’s study, over one-third of retail organizations (39%) that had data encrypted reported using more than one method, more than double the rate reported in 2023 (16%).
Retail victims rarely pay the initial ransom sum demanded
78 retail respondents whose organizations paid the ransom shared the exact sum paid, revealing that the average (median) payment has decreased by 68% over the last year, from $3M to $950K.
Only one-third (34%) of respondents said that their payment matched the original request. 53% paid less than the original demand, while only 14% paid more.
Download the full report for more insights into ransom payments and many other areas.
About the survey
The report is based on the findings of an independent, vendor-agnostic survey commissioned by Sophos of 5,000 IT/cybersecurity leaders across 14 countries in the Americas, EMEA, and Asia Pacific, including 577 from the retail sector. All respondents represent organizations with between 100 and 5,000 employees. The survey was conducted by research specialist Vanson Bourne between January and February 2024, and participants were asked to respond based on their experiences over the previous year.