Research: 20% of All Reported Ransomware Attacks Occurred in the Last 12 Months

Some 20% of all reported ransomware attacks occurred in the past 12 months, with six in 10 springing from phishing expeditions, security provider Hornetsecurity, a cloud email security and backup provider, said in a new report.

Ransomware Attacks Increase

The study, which gleaned data from a survey of 2,000 IT professionals, also found that many businesses may not be helping themselves by not pushing back hard enough on the hackers, declining the FBI’s advice not to pay ransoms. According to Hornet’s data, roughly 7% paid the ransom and 14% lost data, proving an incentive for extortionists to attack harder and raise the stakes. Still, the figures could be far higher.

Roughly 25% of businesses have been hit by a ransomware attack in 2022, a 3% spike from last year, Hornet said.

In general, organizations victimized by a ransomware freeze lack knowledge on security available to them, the study found. One quarter (25%) of IT professionals either don't know or don't think that Microsoft 365 data can be impacted by a ransomware attack. About 40% of IT professionals that use Microsoft 365 in their organization admitted they do not have a recovery plan in case their Microsoft 365 data was compromised by a ransomware attack.

Disaster Plans Lacking

Businesses are also unprepared should they be targeted by ransomware hackers. Many do not have a disaster recovery plan in place if they do succumb to the heightened threat of a cyberattack, and the number isn’t decreasing. In 2021, 16% of respondents reported having no disaster recovery plan in place as compared to the 19% in 2022, the rise in ransomware attacks notwithstanding.

Daniel Hofmann, Hornetsecurity chief executive, put the current cyberattack climate into perspective: