{"id":638005,"date":"2022-10-26T13:46:18","date_gmt":"2022-10-26T11:46:18","guid":{"rendered":"https:\/\/businesstech.co.za\/news\/?p=638005"},"modified":"2022-10-26T13:46:18","modified_gmt":"2022-10-26T11:46:18","slug":"retail-industry-the-second-most-ransomware-targeted-industry-in-2021","status":"publish","type":"post","link":"https:\/\/businesstech.co.za\/news\/industry-news\/638005\/retail-industry-the-second-most-ransomware-targeted-industry-in-2021\/","title":{"rendered":"Retail industry the second most ransomware-targeted industry in 2021"},"content":{"rendered":"<p>An incredible 77% of retail organisations were hit with ransomware in 2021, a 75% increase in one year.<\/p>\n<p>This information was published in Sophos\u2019 The State of Ransomware in Retail 2022 report, which found that retail had the second highest rate of ransomware attacks last year of all sectors surveyed after the media, leisure, and entertainment industry.<\/p>\n<p>Furthermore, the majority of retail organisations hit by ransomware said the attack impacted their ability to operate, and most said the attack caused their organisation to lose business\/revenue.<\/p>\n<ul>\n<li><a href=\"https:\/\/store.duxbury.co.za\/?utm_source=BoradMedia&amp;utm_medium=Article&amp;utm_term=October+2022\" target=\"_blank\" rel=\"noopener\"><strong>Click here to learn more about Duxbury Networking.<\/strong><\/a><\/li>\n<\/ul>\n<p>These data points indicate that the operational and commercial impact of ransomware on the retail sector was a little higher than the cross-sector average.<\/p>\n<p>\u201cThese are scary statistics and point very clearly to the fact that ransomware is a critical issue for many retailers.&#8221;<\/p>\n<p>&#8220;The Sophos report lifts the lid off the real impact that ransomware has on retail operations.&#8221;<\/p>\n<p>&#8220;Because the ransomware landscape is a complex, crowded and rapidly evolving ecosystem, it is advisable to ensure that you have the correct mitigation solutions in place,\u201d says Ross Anderson, Sophos Product Development Manager at Duxbury Networking.<\/p>\n<p>Retailers continue to suffer one of the highest rates of ransomware attacks of any industry.<\/p>\n<p>With more than three in four suffering an attack in 2021, it certainly brings a ransomware incident into the category of \u2018when\u2019, not \u2018if\u2019.<\/p>\n<p>In Sophos\u2019 experience, the organisations that are successfully defending against these attacks are not just using layered defences, they are augmenting security with humans trained to monitor for breaches and actively hunting down threats that bypass the perimeter before they can detonate into even bigger problems.<\/p>\n<p>This year\u2019s survey shows that only a quarter of retail organisations targeted were able to stop their data from being encrypted, suggesting that a large portion of the industry needs to improve their security posture with the right tools and appropriately trained security experts to help manage their efforts,\u201d says Chester Wisniewski, principal research scientist, Sophos.<\/p>\n<p>As the percentage of retail organisations attacked by ransomware increased, so did the average ransom payment.<\/p>\n<p>In 2021, the average ransom payment was $226,044 compared to $147,811 in 2020. However, this was less than one-third the cross-sector average ($812,000).<\/p>\n<p>\u201cIt\u2019s likely that different threat groups are hitting different industries.&#8221;<\/p>\n<p>&#8220;Some of the low-skill ransomware groups ask for $50,000 to $200,000 in ransom payments, whereas the larger, more sophisticated attackers with increased visibility demand $1 million or more,\u201d says Wisniewski.<\/p>\n<p>\u201cWith Initial Access Brokers (IABs) and Ransomware-as-a-Service (RaaS), it\u2019s unfortunately easy for bottom-rung cybercriminals to buy network access and a ransomware kit to launch an attack without much effort. Individual retail stores and small chains are more likely to be targeted by these smaller opportunistic attackers,\u201d says Wisniewski.<\/p>\n<p>Additional findings include:<\/p>\n<ul>\n<li>While the retail sector was the second most targeted industry, the perceived increase in the volume and complexity of cyberattacks against the industry were slightly below the cross-sector average.<\/li>\n<li>In 2021, the overall cost to retail organisations to remediate a ransomware attack was $1.27 million, down from $1.97 million in 2020.<\/li>\n<li>When compared to 2020, the amount of data recovered after paying the ransom decreased to 62%, as did the percentage of retail organisations that got all their data back.<\/li>\n<\/ul>\n<p>In light of the survey findings, Sophos experts recommend the following best practices for all organisations across all sectors:<\/p>\n<ul>\n<li>Install and maintain high-quality defences across all points in the environment. Review security controls regularly and make sure they continue to meet the organisation\u2019s needs.<\/li>\n<li>Proactively hunt for threats to identify and stop adversaries before they can execute attacks \u2013 if the team lacks the time or skills to do this in-house, outsource to a Managed Detection and Response (MDR) team.<\/li>\n<li>Harden the IT environment by searching for and closing key security gaps: unpatched devices, unprotected machines, and open RDP ports, for example. Extended Detection and Response (XDR) solutions are ideal for this purpose.<\/li>\n<li>Prepare for the worst and have an updated plan in place of a worst-case incident scenario.<\/li>\n<li>Make backups, and practice restoring them to ensure minimal disruption and recovery time.<\/li>\n<\/ul>\n<p>\u201cWe suggest speaking to our Sophos team to find the right solution for retail operation cybersecurity, to ensure that ransomware attacks are minimised,\u201d says Anderson.<\/p>\n<p>For more information contact Duxbury Networking, <strong>+27 (0) 11 351 9800, <a href=\"mailto:info@duxnet.co.za\" target=\"_blank\" rel=\"noopener\">info@duxnet.co.za<\/a>, <a href=\"https:\/\/store.duxbury.co.za\/?utm_source=BoradMedia&amp;utm_medium=Article&amp;utm_term=October+2022\" target=\"_blank\" rel=\"noopener\">www.duxbury.co.za<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>An incredible 77% of retail organisations were hit with ransomware in 2021, a 75% increase in one year.<\/p>\n","protected":false},"author":57,"featured_media":638025,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10459],"tags":[14323],"class_list":["post-638005","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-industry-news","tag-duxbury-networking"],"_links":{"self":[{"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/posts\/638005","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/users\/57"}],"replies":[{"embeddable":true,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/comments?post=638005"}],"version-history":[{"count":2,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/posts\/638005\/revisions"}],"predecessor-version":[{"id":638029,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/posts\/638005\/revisions\/638029"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/media\/638025"}],"wp:attachment":[{"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/media?parent=638005"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/categories?post=638005"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/businesstech.co.za\/news\/wp-json\/wp\/v2\/tags?post=638005"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}