Biden says 'order must prevail' after UCLA Gaza protest camp cleared    Alarm in Israel at reports of possible ICC legal action over Gaza    Turkey halts trade with Israel over 'humanitarian tragedy' in Gaza    NEOM demonstrates cutting-edge airport technologies to Jawazat chief    Energy minister emphasizes Saudi –Uzbek collective role in confronting climate change    Police clear out pro-Palestinian encampment at UCLA and detain protesters    Saudi Arabia launches Nusuk pilgrim card for the Hajj of 2024    Lulu celebrates golden harvest of Saudi mango season    Loay Nazer announces candidacy for presidency of Al-Ittihad    Al-Nassr sets up thrilling clash with Al-Hilal in King's Cup final after defeating Al-Khaleej    Saudi minister reveals 75% funding for qualitative industrial projects in meeting with Qatari investors    International conference on judicial training to explore digital transformation    Saudi student's 'My Child' app wins acclaim at Swift Student challenge    Karim Benzema seeks medical consultation in Madrid for ongoing injuries    Secondary school graduates can get enrolled in universities across all Saudi regions    Al-Hilal beats Al-Ittihad in heated King's Cup semi-final    Infinix GT 20 Pro flagship launch: Revolutionizing esports-level gaming and ushering in a new era of the holistic gaming universe    SFDA: Breast-milk substitute products are sugar-free complying with Saudi specifications    'Zarqa Al Yamama': Riyadh premieres first Saudi opera    Australian police launch manhunt for Home and Away star Orpheus Pledger    JK Rowling in 'arrest me' challenge over hate crime law    Trump's Bible endorsement raises concern in Christian religious circles    Hollywood icon Will Smith shares his profound admiration for Holy Qur'an    We have celebrated Founding Day for three years - but it has been with us for 300    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Paying the ransom doubles cost of recovering from a ransomware attack: Sophos
The Saudi Gazette Published in The Saudi Gazette on 13 - 05 - 2020

Sophos, a global leader in next-generation cybersecurity, today announced the findings of its global survey, The State of Ransomware 2020, which reveals that paying cybercriminals to restore data encrypted during a ransomware attack is not an easy and inexpensive path to recovery.
In fact, the total cost of recovery almost doubles when organizations pay a ransom. The survey polled 5,000 IT decision makers in organizations in 26 countries across six continents, including Europe, the Americas, Asia-Pacific and central Asia, the Middle East, and Africa.
More than half (51%) of organizations had experienced a significant ransomware attack in the previous 12 months, compared to 54% in 2017. In the MEA region, 43% of the organizations surveyed mentioned a ransomware attack in the last one year.
Globally Data was encrypted in nearly three quarters (73%) of attacks that successfully breached an organization, while in the MEA region, it was 63%. The average cost of addressing the impact of such an attack, including business downtime, lost orders, operational costs, and more, but not including the ransom, was more than $730,000.
This average cost rose to $1.4 million, almost twice as much, when organizations paid the ransom. More than one quarter (27%) of organizations hit by ransomware admitted paying the ransom. The survey also revealed 23% of the organizations that were attacked in the MEA region admitted to paying the ransom.
"Organizations may feel intense pressure to pay the ransom to avoid damaging downtime. On the face of it, paying the ransom appears to be an effective way of getting data restored, but this is illusory. Sophos' findings show that paying the ransom makes little difference to the recovery burden in terms of time and cost.
"This could be because it is unlikely that a single magical decryption key is all that's needed to recover. Often, the attackers may share several keys and using them to restore data may be a complex and time-consuming affair," said Chester Wisniewski, principal research scientist, Sophos.
More than half (56%) the IT managers surveyed were able to recover their data from backups without paying the ransom compared to 60% in the MEA region. In a very small minority of cases (1%) globally and 3% in the MEA region, paying the ransom did not lead to the recovery of data. This figure rose to 5% for public sector organizations. In fact, 13% of the public sector organizations surveyed never managed to restore their encrypted data, compared to 6% overall.
However, contrary to popular belief, the public sector was least affected by ransomware, with just 45% of the organizations surveyed in this category saying they were hit by a significant attack in the previous year. At a global level, media, leisure and entertainment businesses in the private sector were most affected by ransomware, with 60% of respondents reporting attacks.
Attackers increase pressure to pay
SophosLabs researchers have published a new report, Maze Ransomware: Extorting Victims for 1 Year and Counting, which looks at the tools, techniques and procedures used by this advanced threat that combines data encryption with information theft and the threat of exposure.
This approach, which Sophos researchers have also observed being adopted by other ransomware families, like LockBit, is designed to increase pressure on the victim to pay the ransom. The new Sophos report will help security professionals better understand and anticipate the evolving behaviors of ransomware attackers and protect their organizations.
"An effective backup system that enables organizations to restore encrypted data without paying the attackers is business critical, but there are other important elements to consider if a company is to be truly resilient to ransomware," added Wisniewski.
"Advanced adversaries like the operators behind the Maze ransomware don't just encrypt files, they steal data for possible exposure or extortion purposes. We've recently reported on LockBit using this tactic. Some attackers also attempt to delete or otherwise sabotage backups to make it harder for victims to recover data and increase pressure on them to pay.
"The way to address these malicious maneuvers is to keep backups offline, and use effective, multi-layered security solutions that detect and block attacks at different stages." — SG

Clic here to read the story from its source.