The State of Ransomware in Financial Services 2021 report released by Sophos shows how mid-sized financial services organisations worldwide spent more than $2 million on average recovering from a ransomware attack.
This figure exceeds the global average of $1.85 million, even though the results also show the financial sector is among the most resilient against ransomware.
Nearly two-thirds (62 per cent) of victims surveyed in this sector were able to restore their encrypted data from backups. The survey studied the extent and impact of ransomware attacks during 2020.
Other findings include:
•34 per cent of the financial services organisations surveyed were hit by ransomware in 2020
•51 per cent of the organisations impacted said the attackers succeeded in encrypting their data
•Only 25 per cent paid the ransom demanded to get their encrypted data back. This is the second lowest payment rate of all industries surveyed. The global average was 32 per cent.
Financial services are among the most highly regulated industries in the world. Organizations must adhere to myriad regulations, including SOX, GDPR, and PCI DSS, that include pricey penalties for non-compliance and data breaches.
Many of these organisations are also required to prepare business continuity and disaster recovery plans to minimise any potential damage from data breaches or operational disruptions stemming from a cyberattack.
Strict guidelines in the financial services sector encourage strong defences. Unfortunately, they also mean that a direct hit with ransomware is likely to be very costly for targeted organisations.
If you add up the price of regulatory fines, rebuilding IT systems and stabilising brand reputation, especially if customer data is lost, you can see why the survey found that recovery costs for mid-sized financial services organisations hit by ransomware in 2020 were in excess of $2 million.
Two other slightly worrying data points are the fact that a small, but significant, 8 per cent of financial services organisations experienced what are known as ‘extortion’ attacks, where data is not encrypted, but stolen and victims are threatened with the online publication of their data unless they pay the ransom.
Backups cannot protect against this risk, so financial services organisations should not rely on them as an anti-extortion defence.
Further, 11 per cent of the financial organisations surveyed believe they won’t get hit because they are ‘not a target.’ This is a dangerous perception because anyone can be a target.
The best approach is to assume you will be a target and to build your defences accordingly.
Of the financial services organisations that believe they’ll be hit by ransomware in the future, 47 per cent said this is because attacks are now so sophisticated they have become harder to stop. Forty-five per cent feel they’ll become a target because other organisations in their industry have already been targeted with ransomware.
Oman Observer is now on the WhatsApp channel. Click here
