Barracuda Networks’ 2023 Ransomware Insights report has some shocking insights. It says 73% of the organizations it polled admit to being victims of at least one successful ransomware attack in 2022.
Worse, 38% said they were hit two or more times.
When it comes to paying the ransom, 42% of those hit three or more times paid the attackers to restore data that had been encrypted by the hackers. A smaller number of those hit by a single attack — 31% — paid the ransom.
The survey was done of companies with between 100 and 2,500 employees. The type of business varied. Breaking the survey down a bit:
- 98% of consumer services businesses were hit by a ransomware attack
- 85% of energy, oil and gas, and utilities were hit
- At 53%, energy, oil and gas, and utilities are the firms most likely to be hit twice
- 69% say the attacks were from a malicious email
Companies with cyber insurance were more likely to be hit by ransomware and 77% of them reported at least one successful attack. That compares to 65% that don’t have cyber insurance.
Fleming Shi is the chief technology officer at Barracuda. He said the number of organizations hit by ransomware in 2022 shows the widespread availability of attack tools.
“The relatively high proportion of repeat victims suggests that security gaps are not fully addressed after the first incident,” Fleming said. “The security industry has an essential role to play in helping organizations to defend themselves against ransomware, through deep, multilayered security technologies that include advanced email protection and backup, as well as threat hunting and extended detection and response (XDR) capabilities to stop malicious activity in its tracks.”