A new cybersecurity survey by Hornetsecurity shows that ransomware attacks continue to increase: 20 percent of all reported attacks took place in the last 12 months. 60 percent of the attacks were carried out by phishing attempts. The survey was conducted among more than 2.000 IT professionals.
The 2022 Ransomware Report, for which cybersecurity specialist Hornetsecurity surveyed over 2.000 IT executives, shows that 24% of companies have already been victims of a ransomware attack. Compared to last year, this number increased by three percentage points. In addition, every fifth attack (20%) took place in the last year - a clear indication that cyber attacks are becoming more common.
“Attacks on businesses are on the rise, and there is an appalling lack of awareness among IT professionals. Our survey shows that many in the IT community have a false sense of security," comments Daniel Hofmann, CEO of Hornetsecurity, on the results.
Microsoft 365 users targeted by attackers
The results of the 2022 Ransomware Report also underscore the companies' lack of knowledge about available security mechanisms. A quarter of IT pros either don't know or don't believe that Microsoft 365 data can be affected by a ransomware attack. Equally worrisome, 40% of IT pros using Microsoft 365 in their organization admitted they had no recovery plan if their Microsoft 365 data was compromised by a ransomware attack.
“Microsoft 365 is vulnerable to phishing attacks and ransomware attacks, but with the help of third-party tools, IT admins can reliably secure their Microsoft 365 data and protect themselves from such attacks. As criminal actors continue to develop new techniques, companies like ours must continually ensure that they stay ahead of the curve in order to protect companies around the world,” explains Daniel Hofmann.
Lack of preparation on the part of companies
21 percent of the attacked companies paid money or lost data (Image: Hornetsecurity).
The answers from the industry show that IT professionals and companies are often not sufficiently prepared. The number of companies that do not have a contingency plan in case of a cyber attack continued to increase compared to the previous year. In 2021, 16% of respondents said they did not have a contingency plan. In 2022, this proportion rose to 19%, despite the increasing number of attacks. The survey also showed that more than one in five companies hit by an attack (21%) either paid money or lost data.
7% of IT professionals whose organization was attacked said a ransom was paid, while 14% said they lost data as a result of an attack. Hackers therefore have a legitimate interest in carrying out ransomware attacks - because they have a good chance of making money from it.
“Interestingly, 97% of professionals are relatively to extremely confident about their primary method of protection. Even if they don't use many of the most effective security measures available, such as immutable storage and air-gapped offsite storage. This shows us that more education is needed in this area, and we are committed to this," Hofmann continued.
More at Hornetsecurity.com
About Hornetsecurity Hornetsecurity is the leading German cloud security provider for e-mail in Europe and protects the IT infrastructure, digital communication and data of companies and organizations of all sizes. The security specialist from Hanover provides its services via 10 redundantly secured data centers around the world. The product portfolio includes all important areas of e-mail security, from spam and virus filters to legally compliant archiving and encryption, to defense against CEO fraud and ransomware. Hornetsecurity has around 200 employees at 12 locations around the world and operates with its international dealer network in more than 30 countries.