Delinea: Ransomware Attacks Down 61% in 2022, Ransom Payments Also Drop

Here’s some unexpected news. The number of organizations victimized by ransomware attacks sharply declined in 2022, as did the number of organizations paying ransom.

That’s according to Delinea‘s 2022 State of Ransomware Report. The survey of 300 U.S.-based IT decision makers, conducted on Delinea’s behalf by Censuswide, found that only 25% of organizations were victims of ransomware attacks in 2022. That’s a 61% decline from the previous 12-month period when 64% of organizations reported being victims.

Furthermore, the number of victimized companies that paid the ransom declined from 82% to 68%. That could be a sign that organizations are heeding warnings and recommendations from the FBI not to pay ransoms.

Larger companies are much more likely to be victims of ransomware. Fifty-six percent of companies with 100 or more employees said they were victims of ransomware attacks.

Consequences of Ransomware Attacks in 2022

The survey also revealed the consequences of ransomware attacks are now more tangible, as more respondents specified that their companies lost revenue (56%) and customers (50%) compared to the previous year. Fewer organizations (43%) reported reputational damage as a result of being victims of a ransomware attack.

Joseph Carson is Delinea‘s chief security scientist and advisory CISO. He said the declines show organizations learned from past mistakes, and have shored up protections against this attack approach.

Delinea’s Joseph Carson

“It’s also interesting that fewer companies are paying the ransom when victims of an attack, which could be attributed to having better data backups, leveraging cyber insurance or simply taking advice from organizations like the FBI,” he said.

However, companies are backsliding or stagnating in ransomware protection measures, Carson said. Fewer organizations have an incident response plan, and fewer have budget allocations specifically to protect against ransomware.

Ransomware Still Significant Threat to All Organizations

Ransomware is still a significant concern and threat to any organization, Carson said. Some of the signs of complacency in the survey could be a harbinger of an increase in ransomware in 2023.

“Our latest ransomware report shows that larger organizations do tend to be victims more than smaller ones,” he said. “But that can’t be associated with a reduced risk for any specific type or organization. The reality is that any organization is a potential target for ransomware, and must be prepared for when – not if – they are attacked.”

Any time focus is taken away from the risks that are present, that amplifies the risk, Carson said. That focus could mean strategy and planning, day-to-day monitoring, or monetary investments in the right technologies to avoid becoming a victim. Vigilance is always required. And when it comes to cybersecurity, it’s even more critical.

“There are several ways organizations can protect themselves from ransomware attacks,” he said. “Some of them are fairly obvious after-the-fact protections such as performing frequent data backups, having a comprehensive incident response plan, and investing in cyber insurance policies that cover ransomware recovery and payments. But organizations should take a more proactive approach to cybersecurity, in particular where they are most vulnerable to these types of attacks, namely identity and access controls. By taking a least-privilege approach founded on zero trust principles and enforced by methods such as password vaulting and multifactor authentication (MFA), organizations can significantly reduce their vulnerability to ransomware attacks.”