Nearly a quarter of businesses have suffered a ransomware attack, with a fifth occurring in the past 12 months, according to Hornetsecurity.
The 2022 Ransomware Report, which surveyed over 2,000 IT leaders, revealed that 24% have been victims of a ransomware attack, with 20% of attacks happening in the last year.
Cyberattacks are happening more frequently. Last year’s ransomware survey revealed that 21% of companies experienced an attack. This year it rose by three percent to 24%.
“Attacks on businesses are increasing, and there is a shocking lack of awareness and preparation by IT pros. Our survey shows that many in the IT community have a false sense of security. As bad actors develop new techniques, companies like ours have to do what it takes to come out ahead and protect businesses around the world,” said Daniel Hofmann, CEO at Hornetsecurity.
Microsoft 365 is vulnerable to ransomware attacks
The report highlighted a lack of knowledge on the security available to businesses. 25% of IT professionals either don’t know or don’t think that Microsoft 365 data can be impacted by a ransomware attack.
Just as worryingly, 40% of IT professionals that use Microsoft 365 in their organization admitted they do not have a recovery plan in case their Microsoft 365 data was compromised by a ransomware attack.
“Microsoft 365 is vulnerable to phishing attacks and ransomware attacks, but with the help of third-party tools, IT admins can backup their Microsoft 365 data securely and protect themselves from such attacks,” said Hofmann.
Preparedness is lacking
Industry responses showed the widespread lack of preparedness from IT professionals and businesses. There has been an increase in businesses not having a disaster recovery plan in place if they do succumb to the heightened threat of a cyberattack.
In 2021, 16% of respondents reported having no disaster recovery plan in place. In 2022, this grew to 19%, despite the rise in attacks.
The survey also showed that 21% of businesses that were attacked either paid up or lost data. Hackers have an incentive to run these ransomware attacks because there’s a decent chance that they’ll get a payday – 7% of IT professionals whose organization was attacked paid the ransom, while 14% admitted that they lost data to an attack.
“Interestingly, 97% of pros are moderately to extremely confident in their primary protection method, even if they don’t use many of the most effective security measures available, such as immutable storage and air-gapped off-site storage. This tells us that more education is needed in the field, and we’re committed to this cause,” Hofmann said.