Sophos has published its report “The State of Ransomware in Financial Services 2021”, which quantifies the damage that mid-sized financial services institutions worldwide suffered from ransomware. The report shows that ransomware victims in the financial services industry spent, on average, more than $2 million to remediate an attack. Although the report finds that the financial sector is one of the most resilient to ransomware, its remediation costs are above the global average.
Other findings of the study include:
- 34% of surveyed financial services institutions were affected by ransomware in 2020.
- 51% of affected organizations said attackers managed to encrypt their data.
- Only 25% paid the ransom demanded to get their encrypted data back, the second-lowest payment rate among all industries studied.
- Nearly two-thirds (62%) of ransomware victims surveyed were able to restore their encrypted data from backups.
- 47% of financial services organizations that expect to be hit by ransomware in the future say this is because attacks are now much more sophisticated and harder to stop.
- 45% of respondents believe that because other organizations in their industry are being targeted with ransomware, they can be targeted too, and 40% believe that with ransomware so widespread, it is inevitable that they will be affected by cyber attacks.
Backups Are Not Enough to Protect From Extortion Attacks
Financial services is among the most regulated industries in the world. Organizations have to comply with numerous regulations such as SOX, GDPR and PCI DSS, which carry costly penalties for non-compliance and for data breaches. Financial institutions also need business continuity and disaster recovery plans to minimize the potential damage from data breaches or from operational disruption caused by a cyberattack.
John Shier, Senior Security Advisor at Sophos, said: “Strict regulations in the financial services industry encourage strong defense. But it also means that a direct attack with ransomware would be very costly for the targeted organizations. This includes possible penalties, IT systems rebuilding and brand reputation damage. When you add in the cost of re-stabilizing it, it’s easier to understand how the $2 million figure came to be.”
The survey was conducted in 30 countries across Europe, the Americas, Asia Pacific and Central Asia, the Middle East and Africa, with 5,400 IT decision makers participating, 550 of them from financial services institutions.