Retail industry increasingly targeted by ransomware attacks

Seventy-seven percent of mid-sized retail organizations experienced ransomware attacks last year, representing a 75% increase from 2020, while organizations impacted by attacks paid an average ransom of $226,044 in 2021, compared with $147,811, according to The Record, a news site by cybersecurity firm Recorded Future. Despite the increase in ransomware prevalence and demands in retail, which was found to have the highest ransomware attack rate across all surveyed industries, fewer than 50% of respondents felt the increase in ransomware volumes and complexity, a report from Sophos revealed. "This is very concerning as it suggests that despite their failures in defending themselves, they may not be taking the threat seriously enough. Security should be viewed similar to an insurance policy money well spent preventing much costlier outcomes. With more than three in four organizations falling victim, it seems attacks are nearly inevitable," said Sophos Principal Research Scientist Chester Wisniewski. However, the findings showed a 46% decline in ransomware remediation costs in retail between 2020 and 2021, which Wisniewski attributed to the quick action of insurance companies. Retail also continued to have significantly lower ransomware payments than other sectors, he added.