As ransomware grows exponentially around the world, recent attacks such as Sunburst and Kaseya have once again brought supply chain attacks to the forefront.
About 63% companies feel that it is losing trust in legacy vendors, like Microsoft, due to frequent security incidents against these previously trusted technology suppliers, CrowdStrike reported.
The issue is so widespread that more than 3 out of every 4 respondents (77%) have suffered a supply chain attack. Swift action and newer technologies will be required by businesses looking to increase their cyber resiliency.
“The survey presents an alarming picture of the modern threat landscape, demonstrating that adversaries continue to exploit organizations around the world and circumvent outdated technologies. Today's threat environment is costing businesses around the world millions of dollars and causing additional fallout," said Michael Sentonas, chief technology officer, CrowdStrike.
Survey data indicates that ransomware attacks are continuing to prove effective, with average ransomware payments increasing 62.7% in 2021 (from $1.1 million in 2020 to $1.79 million in 2021), CrowdStrike’s survey found out.
Not only that, organizations are almost universally getting hit with “double extortion,” when threat actors not only demand a ransom to decrypt data, they additionally threaten to leak or sell the data unless the victims pays more money.
- Survey data shows that 96% of organizations that paid a ransom were forced to pay additional extortion fees, costing businesses on average $792,493.
- 66% of respondents’ organizations suffered at least one ransomware attack in the past 12 months
- More than half (57%) of businesses did not have a comprehensive ransomware defense strategy in place
- The average ransomware payment was $1.34 million in EMEA and $2.35 million in APAC and $1.55 million in the US
The average ransom payment increased by 63% in 2021 to $1.79 million (USD), compared to $1.10 million (USD) in 2020. While attackers are not getting quite the amounts they are seeking, they are still earning massive payouts.