97% of Ransomware Victims Seek Help From Law Enforcement, Sophos Report

97% of organisations hit by ransomware over the past year engaged with law enforcement and/or official government bodies for help with the attack. This is according to “State of Ransomware 2024” survey released by cybersecurity firm Sophos. 

The survey further notes that more than half (59%) of those organizations that did engage with law enforcement found the process easy or somewhat easy. Only 10% of those surveyed said the process was very difficult. 

Based on the survey, impacted organizations reached out to law enforcement and/or official government bodies for a range of assistance with ransomware attacks. Sixty-one percent reported they had received advice on dealing with ransomware, while 60% received help investigating the attack. Fifty-eight percent of those that had their data encrypted received help from law enforcement to recover their data from the ransomware attack.

“Companies have traditionally shied away from engaging with law enforcement for fear of their attack becoming public. If they are known to have been victimized it could impact their business reputation and make a bad situation worse. Victim shaming has long been a consequence of an attack, but we’ve made progress on that front, both within the security community and at the government level. New regulations on cyber incident reporting, for example, appear to have normalized engaging with law enforcement, and this survey data shows organizations are taking steps in the right direction,” said Chester Wisniewski, director, Field CTO, Sophos.’

“If the public and the private sectors can continue to galvanize as a group effort to help businesses, we can continue to improve our ability to recover quickly and gather intelligence to protect others or even potentially hold those conducting these attacks responsible.”

Recent in-the-field findings from Sophos X-Ops’ Active Adversary report highlighted the continued threat of ransomware to small-and-medium sized businesses. Data from more than 150 incident response (IR) cases in 2023 found that ransomware was, for the fourth year running, the most frequently encountered attack type, occurring in 70% of IR cases Sophos X-Ops investigated. 

Data for the State of Ransomware 2024 report comes from a vendor-agnostic survey of 5,000 cybersecurity/IT leaders conducted between January and February 2024.

Respondents were based in 14 countries across the Americas, EMEA and Asia Pacific. Organizations surveyed had between 100 and 5,000 employees, and revenue ranged from less than $10 million to more than $5 billion.

The report is available for download here. 

Follow us on Telegram, Twitter, and Facebook, or subscribe to our weekly newsletter to ensure you don’t miss out on any future updates. Send tips to info@techtrendske.co.ke.