Report: Ransomware Attacks and the True Cost to Business 2022

Ransomware continues to dominate the threat landscape in 2022. Organizations are under siege from a wide variety of threats, but ransomware offers threat actors a unique combination of very low risk with very high reward—which is why the volume of ransomware attacks nearly doubled from the previous year, and the total cost of ransomware was estimated to exceed $20 billion.

Ransomware began as little more than a new type of malware exploit with a different payload—generating revenue by extorting payment from victims—but it has evolved into a complex business model. The malware payload is just one element of the much larger ransomware operation, or RansomOp, that make today’s attacks far more sophisticated and insidious. 

Cybereason has published results from our second annual ransomware study to better understand the true impact on businesses. 

The report, titled Ransomware: The True Cost to Business Study 2022, tapped the experiences of more than 1,400 global cybersecurity professionals and revealed that 73% of organizations suffered at least one ransomware attack in 2022, compared with just 55% in the 2021 study. 

The study also once again finds that ‘it doesn’t pay-to-pay’ a ransom demand, as 80% of organizations that paid were hit by ransomware a second time, with 68% saying the second attack came less than a month later and threat actors demanded a higher ransom amount.

Other key findings in the research include:

  • A Weak Supply Chain Leads to Ransomware Attacks: Nearly two-thirds (64%) of companies believe the ransomware gang got into their network via one of their suppliers or business partners. 
  • Ransom Demands Increase with Each Attack: Nearly 70% of companies paid a higher ransom demand the second time.
  • Ransomware Attacks Lead to Business Disruptions: Nearly one-third (31%) of businesses were forced to temporarily or permanently suspend operations following a ransomware attack. 
  • Layoffs Result from Ransomware Attacks: Nearly 40% of organizations laid off staff as a result of the attack. 
  • Senior Leadership Attrition: 35% of companies suffered C-level resignations following a ransomware attack.
  • Organizations Don’t Have the Right Tools: 60% of organizations admitted that ransomware gangs were in their network up to six months before they discovered them. This points to the double extortion model where attackers first steal sensitive data then threaten to make it public if the ransom demand is not paid.

Given the ongoing threat that these attacks pose to organizations, this second annual study examines how ransomware continues to impact the business, the outcomes organizations are reporting after having been the target of a ransomware attack, and the strategies companies large and small are implementing to better prepare for an attack.

The best defense against ransomware attacks is to ensure your data is not stolen or encrypted in the first place through effective prevention, detection and response. It is our hope that your organizations will find this report insightful and that it will serve to inform your organization’s strategies to remain undefeated by ransomware.

The full report can be found here: Ransomware: The True Cost to Business Study 2022. See also our recent report Ransomware: Inside Complex RansomOps and the Ransomware Economy for a deep-dive into modern ransomware operations.

Cybereason is dedicated to teaming with defenders to end ransomware attacks on the endpoint, across enterprise, to everywhere the battle is taking place. Learn more about predictive ransomware defense here or schedule a demo today to learn how your organization can benefit from an operation-centric approach to security.

Cybereason Team
About the Author

Cybereason Team

Cybereason is dedicated to partnering with Defenders to end attacks at the endpoint, in the cloud and across the entire enterprise ecosystem. Only the AI-driven Cybereason XDR Platform provides predictive prevention, detection and response that is undefeated against modern ransomware and advanced attack techniques. The Cybereason MalOp™ instantly delivers context-rich attack intelligence across every affected device, user and system with unparalleled speed and accuracy. Cybereason turns threat data into actionable decisions at the speed of business.

All Posts by Cybereason Team