Last year, mid-sized financial services organizations spent more than $2 million on an average recovery from a ransomware attack. 25% of them chose to pay the ransom, a survey by cybersecurity company Sophos revealed.
Financial services are among the most highly regulated industries in the world. Organizations must adhere to myriad regulations, including SOX, GDPR, and PCI DSS, pricey penalties for non-compliance, and data breaches. While it ensures they are a harder nut for cybercriminals to crack, the recovery becomes very costly once they get attacked.
On average, financial services providers worldwide spent $2 million to recover from a cyberattack. This figure exceeds the global average of $1.85 million.
Sophos' research showed that 34% of the financial services organizations surveyed were hit by ransomware in 2020. 51% of the organizations impacted said the attackers succeeded in encrypting their data. 25% paid the ransom demanded to get their encrypted data back. This is the second-lowest payment rate of all industries surveyed. The global average was 32%.
"Strict guidelines in the financial services sector encourage strong defenses," John Shier, senior security advisor at Sophos, is quoted in a press release. "Unfortunately, they also mean that a direct hit with ransomware is likely to be very costly for targeted organizations. If you add up the price of regulatory fines, rebuilding IT systems, and stabilizing brand reputation, especially if customer data is lost, you can see why the survey found that recovery costs for mid-sized financial services organizations hit by ransomware in 2020 were in excess of $2 million."
The survey polled 5,400 IT decision-makers, including 550 in financial services organizations in 30 countries across Europe, the Americas, the Asia-Pacific, Central Asia, the Middle East, and Africa.
"Two other slightly worrying data points are the fact that a small, but significant, 8% of financial services organizations experienced what are known as 'extortion' attacks, where data is not encrypted, but stolen, and victims are threatened with the online publication of their data unless they pay the ransom. Backups cannot protect against this risk, so financial services organizations should not rely on them as an anti-extortion defense. Further, 11% of the financial organizations surveyed believe they won't get hit because they are 'not a target.' This is a dangerous perception because anyone can be a target. The best approach is to assume you will be a target and to build your defenses accordingly."
Of the financial services organizations that believe they'll be hit by ransomware in the future, 47% said this is because attacks are now so sophisticated they have become harder to stop. 45% feel they'll become a target because other organizations in their industry have already been targeted with ransomware. 40% believe that since ransomware is so prevalent, they'll inevitably get hit by cybercrime.
"The financial sector has too much at stake to not set up an in-depth defensive plan to protect, detect, and block cyberattackers," said Shier. "While they should continue to invest in backups and their disaster recovery efforts to minimize the impact of an attack, they should also look to extend their anti-ransomware defenses by combining technology with human-led threat hunting to neutralize today's advanced human-led cyberattacks."
More from CyberNews:
Subscribe to our newsletter