Ransomware attacks are underreported and do not accurately describe the current threat landscape, as many victims refuse to disclose incidents, according to ZDNet
ENISA, the European Union's cybersecurity agency, found that aside from ransomware victims failing to report being impacted by attacks, ransom payments could not be confirmed in 94.2% of 632 ransomware events reported across the U.S., U.K., and the EU from May 2021 to June 2022.
"The lack of reliable data from targeted organizations makes it very hard to fully understand the problem or even know how many ransomware cases there are," said the report.
Ransomware investigations are also being hampered by the lack of transparency, noted ENISA.
"Ransomware is thriving, and our research shows that threat actors are conducting indiscriminate attacks. Companies of every size across all sectors are affected. Anyone can become a target. We urge organizations to prepare for ransomware attacks and consider possible consequences before attacks occur," added the report.