Many retailers are struggling to deal with ransomware attacks

Slowly but surely, retailers are losing the battle against ransomware operators, a worrying new report has claimed.

After surveying 3,000 IT and cybersecurity leaders in SMBs and enterprises around the world (including 355 from the retail industry), Sophos found that only 26% of retailers were able to disrupt a ransomware attack before having their data encrypted. Last year, it was 28%, and the year before that, 34%.

The survey should be a wake-up call for organizations in the retail sector, argues Chester Wisniewski, director, global field CTO at Sophos, who says that retailers need to tighten up on security now.

Longer recovery

Not every victim pays the ransom demand. But among those that do, their median recovery cost (excluding the ransom payment) was four times the recovery cost of those that had a working backup ($3 million and $750,000 respectively).

Sophos’ report showed more than two in five (43%) paying the ransom demand. “There are no shortcuts in these situations and rebuilding systems is almost always required. It's better to deprive the criminals of their spoils and build back better,” said Wisniewski.

The good news for retailers (but not for everyone else) is that the percentage of retail firms being targeted by ransomware threat actors dropped from 77% last year to 69% this year. However, the percentage of firms that recovered in less than a day dropped from 15% to 9%. At the same time, the percentage of those that took more than a month to recover rose from 17% to 21%.

Ransomware usually starts with a reckless employee downloading malware, or granting the attackers access to their endpoints in some way. Hence, the best protection against ransomware starts with educating employees on the dangers of cyberattacks.

Backing up key systems and data, and installing endpoint protection services, also help.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.