Ransomware costs financial services organizations more than $2 million in recovery. Sophos released findings from its survey report, “The State of Ransomware in Financial Services 2021,” revealing that mid-sized financial services businesses around the world spent more than $2 million on average recovering from a ransomware attack. Although the financial services sector is among the most resilient to ransomware, this figure exceeds the global average of $1.85 million. Almost two-thirds (62 percent) of the victims polled in this industry were able to restore encrypted data from backups. The survey examined the scope and scale of ransomware attacks in 2020.
Other findings include:
Financial services is one of the world’s most heavily regulated businesses. Organizations must comply with a slew of rules, including SOX, GDPR, and PCI DSS, which impose steep fines for non-compliance and data breaches. Many of these businesses must also establish business continuity and disaster recovery strategies in order to reduce the impact of data breaches or operational disruptions caused by a cyberattack.
“Strict guidelines in the financial services sector encourage strong defenses,” said John Shier, senior security advisor at Sophos.
He added, “Unfortunately, they also mean that a direct hit with ransomware is likely to be very costly for targeted organizations. If you add up the price of regulatory fines, rebuilding IT systems and stabilizing brand reputation, especially if customer data is lost, you can see why the survey found that recovery costs for mid-sized financial services organizations hit by ransomware in 2020 were in excess of $2 million.
“Two other slightly worrying data points are the fact that a small, but significant, 8% of financial services organizations experienced what are known as ‘extortion’ attacks, where data is not encrypted, but stolen and victims are threatened with the online publication of their data unless they pay the ransom. Backups cannot protect against this risk, so financial services organizations should not rely on them as an anti-extortion defense. Further, 11% of the financial organizations surveyed believe they won’t get hit because they are ‘not a target.’ This is a dangerous perception because anyone can be a target. The best approach is to assume you will be a target and to build your defenses accordingly.”
47 percent of financial services firms expect to be targeted by ransomware in the future because attacks have become more sophisticated and harder to stop. 45% believe they will become a target because other firms in their field have already been hit with ransomware. 40% believe that, because ransomware is so widespread, it is inevitable that they will be victimised by it.
“The financial sector has too much at stake to not set up an in-depth defensive plan to protect, detect and block cyberattackers,” said Shier.
He also said, “While they should continue to invest in backups and their disaster recovery efforts to minimize the impact of an attack, they should also look to extend their anti-ransomware defenses by combining technology with human-led threat hunting to neutralize today’s advanced human-led cyberattacks.”
The “State of Ransomware in Financial Services 2021” report is available on Sophos.com.
The State of Ransomware in Financial Services 2021 survey interviewed 5,400 IT decision makers in 30 countries spanning Europe, the Americas, Asia-Pacific and Central Asia, the Middle East, and Africa, including 550 in financial services businesses.