Financial services firms spent over $2 mn on ransomware recovery in 2020: Sophos

27 Sep, 2021

The average cost of mitigating the impact of a ransomware attack on financial services firms reached $2.10 million (Rs 15.50 crore) in 2020, cybersecurity firm Sophos said in a report on Monday.

According to the organization, the figure is a quarter of a million dollars higher than the global cross-sector average of $1.85 million (Rs 13.6 crore), as it includes not just the ransom paid by companies but also the additional expenses of rectifying the attack.

“If you add up the price of regulatory fines, rebuilding IT systems and stabilizing brand reputation, especially if customer data is lost, you can see why the survey found that recovery costs for mid-sized financial services organizations hit by ransomware in 2020 were in excess of $2 million,” John Shier, senior security advisor at Sophos, said, noting that the strict regulation of the financial services sector ensures strong defenses but also results in costly recovery in case of a mishap.

Sophos interviewed as many as 5,400 IT decision makers for the report, including 550 from the financial services sector.  

Out of the group, the company found that 34% of financial services organizations were hit by ransomware attacks last year. For perspective, the retail and education sectors saw more attacks, at 44% each.

While 41% of the financial sector targets defended themselves against the attacks, 51% saw their data encrypted. A significant 62% of these firms solved the problem by restoring a pre-existing data backup, while 25% had to pay the ransom to get their data back.

Sadly, the victims managed to recover just 63% of their data on average even after paying the ransom, with over one third remaining inaccessible to them.

“Two other slightly worrying data points are the fact that a small, but significant, 8% of financial services organizations experienced what are known as ‘extortion’ attacks, where data is not encrypted, but stolen and victims are threatened with the online publication of their data unless they pay the ransom...Further, 11% of the financial organizations surveyed believe they won’t get hit because they are not a target,” Shier added. 

In addition to this, about 42% of the surveyed financial services organizations said they have not been hit by a ransomware attack but expect to face one in the future. 

“47% (of those expecting attacks) said this is because attacks are now so sophisticated they have become harder to stop. Forty-five percent feel they’ll become a target because other organizations in their industry have already been targeted with ransomware,” Shier emphasized.