Key Findings on Ransomware in Retail Sector: Sophos

Sophos has released its study on the ransomware experiences of retail organizations, providing an in-depth look at the victim journey, from attack rates and root causes to operational impacts and business outcomes.
[Image: Sophos report on ransomware attacks on retail, June 2024]

In the past year, 45 percent of retail organizations reported being targeted, a substantial drop from 69 percent in 2023 and 77 percent in 2022.

The cost of recovery has surged. The expense for retail organizations to recover from a ransomware attack rose to $2.73 million in 2024 from $1.85 million in 2023. 92 percent of retail organizations that experienced ransomware attacks noted that cybercriminals attempted to compromise their backups, with 47 percent of these attempts being successful.

Data encryption from ransomware attacks decreased, with 56 percent of incidents resulting in encryption, down from 71 percent in 2023 and 68 percent in 2022. This rate is below the global average of 70 percent, and only financial services reported a lower rate at 49 percent. Retail had the second-highest data extortion rate at 5 percent, tied with financial services.

40 percent of computers in retail are impacted by ransomware attacks. Complete encryption of the full environment is rare, with only 2 percent of organizations reporting that over 91 percent of their devices were affected.

The propensity for retail organizations to pay ransoms has increased. While 66 percent restored encrypted data using backups, 60 percent paid the ransom. Notably, 39 percent of retail organizations that experienced data encryption used multiple methods to recover their data, more than doubling the 16 percent reported in 2023.

Despite this, the average ransom payment has decreased significantly. The median payment dropped from $3 million to $950,000, a 68 percent reduction. Only 34 percent of respondents paid the exact amount demanded, with 53 percent paying less and 14 percent paying more.

Survey Methodology

The findings are based on an independent survey commissioned by Sophos and conducted by Vanson Bourne. It included responses from 5,000 IT/cybersecurity leaders across 14 countries, with 577 participants from the retail sector. The survey, conducted between January and February 2024, asked respondents about their experiences over the past year.
