Ransomware attacks have impacted only 25% of U.S. organizations during the past year, representing a 61% drop from 2021, according to VentureBeat.
Sixty-eight percent of companies hit by ransomware paid demanded ransoms last year, compared with 82% in 2021, a report from Delinea revealed. However, the rate of organizations with incident response plans declined from 94% in 2021 to 71% in 2022, indicating that entities are becoming increasingly complacent against ransomware attacks.
"Ransomware is still a significant concern and threat to any organization, and some of the signs of complacency we saw evidenced in the survey research could be a harbinger of an increase in ransomware in 2023," said Delinea Chief Security Scientist and Advisory Chief Information Security Officer Joseph Carson.
Carson noted that the persistent threat of ransomware attacks should prompt organizations to invest in proactive cybersecurity measures aimed at strengthening their identity and access controls, such as multi-factor authentication and password vaulting.
CNN reports that a potential compromise of the Department of Homeland Security's sensitive physical security details is being looked into by the department's senior officials following a ransomware attack against contractor and major building automation systems manufacturer Johnson Controls International.
Most organizations impacted by ransomware attacks have been noted by the FBI to be experiencing another intrusion involving a different ransomware variant within 48 hours of each other, BleepingComputer reports.