The retail sector became a top target for ransomware and data-theft extortion attacks during the pandemic, as revealed in Sophos’ State of Ransomware in Retail 2021 report. Based on an independent survey of 435 IT decision makers, it explores the extent and impact of ransomware attacks on mid-sized retail organization worldwide during 2020.
Retail is at the ransomware frontline
The results show that retail, together with education, was the sector most hit by ransomware in 2020 with 44% of organizations hit (compared to 37% across all industry sectors). Over half (54%) of the retail organizations hit by ransomware said the attackers had succeeded in encrypting their data.
Cybercriminals were quick to exploit opportunities presented by the pandemic, which in the retail sector was primarily the rapid growth in online transactions. While IT teams were busy enabling and managing this change (nearly three quarters (72%) of respondents said their cybersecurity workload increased over 2020), adversaries targeted them with ransomware attacks.
A target for extortion-only attacks
The survey also found that retail organizations were particularly vulnerable to a small but growing new trend: extortion-only attacks, where the ransomware operators don’t encrypt files but threaten to leak stolen information online if a ransom demand isn’t paid. More than one in ten (12%) retail ransomware victims experienced this, nearly double the cross-sector average, and only central government (13%) was more affected.
A third of retail organizations pay the ransom
Paying up doesn’t pay off
Many people assume, understandably, that once you pay the ransom you get all your data back. The survey has revealed that this is not the case. Within the retail sector, those who paid got back on average only two-thirds (67%) of their data, leaving a third inaccessible; and just 9% got all their encrypted data back. This emphasises the vital importance of having backups from which you can restore in the event of an attack.
The silver lining
Fortunately, it’s not all bad news: the retail sector the most likely to report that their IT teams were able to enhance their cybersecurity skills and knowledge over the course of 2020. While adapting to the pandemic and the increase in online trading created considerable workload, it also provided new learning opportunities that they can take with them into the year ahead.
Read the full report
To learn more about the impact of ransomware on the retail sector around the globe, read the full State of Ransomware in Retail 2021 report.
Source: Sophos