Whether a small business or a large one, all organizations feel the impact of ransomware. Attackers have perfected their tactics, leveraging generative AI to make phishing attacks extremely intelligent while continuing to focus on disruptive supply chain attacks. The next generation of threats is more targeted, and with the help of AI and a thriving cybercrime-as-a-service market, the barrier to entry for aspiring cybercriminals has never been lower.
In the third edition of the OpenText™ Cybersecurity Global Ransomware Survey 2024, we put a magnifying glass on these rapidly expanding techniques and attack vectors. It is worrying that while businesses of all sizes are aware of the risks they face and have taken steps to improve their resilience, ransomware attacks and successful payments continue to rise.
Ransomware strikes
Alarmingly, almost half of those surveyed (48%) said their business had already been the victim of a ransomware attack, and almost three-quarters (73%) of businesses had been victims of a ransomware attack this year. Of those who suffered a ransomware attack in the past year, about half (46%) paid the ransom, with 31% of those payments falling between $1 million and $5 million. The survey also found that SMBs suffered more ransomware attacks than large businesses this year, highlighting the need for organizations of all sizes to defend against ransomware.
With 39% of companies testing the reliability of recovery plans with techniques like dry testing once every few months, and 29% twice a year, companies can recover data after these attacks. Nearly all respondents (97%) reported a successful restoration of their organization’s data. Data management solutions are helping businesses recover this data and keep their businesses running.
Supply chain attacks come to the fore
A majority of respondents (91%) are concerned about ransomware attacks against their company’s downstream software supply chain, third parties and connected partners. Recent breaches at key industry vendors such as Change Healthcare, Ascension and CDK Global, which caused industry-specific outages and losses, have made respondents more concerned about the impact of a supply chain attack; nearly half (49%) are concerned enough to consider switching providers.
Of those who experienced a ransomware attack in the past year, 62% said they were affected by an attack from a software supply chain partner. Notably, 90% of these respondents plan to increase collaboration with software vendors to improve security practices over the next year.
Given the massive industry-specific outages caused by these recent breaches and other impacts, two-thirds of respondents (67%) plan to increase collaboration with software vendors to improve security practices over the next year. Only 15% do not. Nearly three-quarters (71%) of respondents evaluate their software vendors’ cybersecurity practices at least twice a year.
Regular security audits of software suppliers, vendors and partners are the most important tool to help secure the software supply chain, and implementing advanced threat detection tools is the second most important. Threat detection and response tools must go beyond traditional boundaries so that organizations can proactively protect their assets against attacks.
AI-based attacks
While the rise of AI allows security teams to more effectively triage alerts and automate responses, AI also helps cybercriminals be more effective, contributing to an increase in phishing attacks and growing fears about AI-based attacks.
Nearly half (45%) of respondents saw an increase in phishing attacks due to the widespread use of AI, and of those who experienced a ransomware attack, 69% noted a slight increase in phishing. Similarly, 55% of survey participants believe their business is at greater risk of experiencing a ransomware attack due to the proliferation of AI use among malicious actors.
Investing in cybersecurity
As awareness of ransomware threats increases, so does regulation. According to 37% of respondents, regulatory compliance or cyber insurance requirements are the main drivers for increased investments in ransomware defense within the software supply chain.
Thus, around three quarters (72%) of those surveyed are covered by cyber insurance in the event of a successful attack. A surprising 25% are not, and only 3% are not because it is too expensive. However, the financial risks presented by the increasing frequency and sophistication of cyber threats make cyber insurance an essential investment.
Companies are also increasingly investing in cloud security as well as security awareness and anti-phishing training. Nearly two-thirds (66%) of respondents said their organization prioritizes cloud security. More than half (56%) of businesses outsource security to an IT or managed services provider.
Additionally, 91% of respondents said their company requires employees to participate in security or phishing awareness training. In 2024, 66% of companies conducted training at least once per quarter, a significant increase from 39% in 2023. The increase in security awareness training is a positive indication that organizations are taking the threats seriously and understand the risk that front-line employees represent. Respondents believe current security awareness programs and training are effective in addressing AI risks: 88% of respondents believe programs and training are very or somewhat effective.
Avoid paying the attacker’s salary
Results from OpenText’s Cybersecurity 2024 Global Ransomware Survey reveal that even as investments in cybersecurity increase, businesses continue to pay ransoms at an alarming rate. Paying a ransom only perpetuates the problem. If we want to disrupt the growing trend of ransomware attacks, it will start with companies refusing to pay the ransom and with their cyber resilience strategy.