Ransomware: Publicly Reported Incidents are only the tip of the iceberg
As one of the most devastating types of cybersecurity attacks over the last decade, ransomware has grown to impact organisations of all sizes across the globe.
What is ransomware?
Ransomware is a type of cybersecurity attack that allows threat actors to take control of the assets of a target and demand ransom for the availability and confidentiality of these assets.
What the report covers
This threat landscape report analysed a total of 623 ransomware incidents across the EU, the United Kingdom and the United States for a reporting period from May 2021 to June 2022. The data was gathered from governments’ and security companies’ reports, from the press, verified blogs and in some cases using related sources from the dark web.
The findings and what they tell us
Between May 2021 and June 2022 about 10 terabytes of data were stolen each month by ransomware threat actors. 58.2% of the data stolen included employees’ personal data.
At least 47 unique ransomware threat actors were found.
For 94.2% of incidents, we do not know whether the company paid the ransom or not. However, when the negotiation fails, the attackers usually expose and make the data available on their webpages. This is what happens in general and is a reality for 37,88% of incidents.
We can therefore conclude that the remaining 62,12% of companies either came to an agreement with the attackers or found another solution.
The study also shows that companies of every size and from all sectors are affected.
Source: European Union Agency for Cybersecurity (ENISA)