Ransomware Attacks: What to Know for 2022

Ransomware attacks have impacted 37% of organizations in the past year, according to Sophos’ annual ransomware survey, The State of Ransomware 2021. As ransomware continues to be one of today’s top business threats, organizations must be proactive in minimizing the risk of falling victim and reducing damage in the event of an attack.

As ransomware attacks become more common, organizations should stay up to date on the following trends:

  • Email is the most common ransomware delivery method. Phishing emails containing malicious attachments or links lure victims into opening them.
  • Data exfiltration is surging. Coveware analysis shows that data exfiltration occurs in 70% of ransomware attacks. Data exfiltration is the unauthorized transfer or download of software from your computer network onto an outside device.
  • Demands are rising. The average ransom payment increased by 518% in the first half of 2021 compared to 2020, according to research from security consulting group Unit 42. Unfortunately, in turn these increased demands are causing cyber insurance premiums to surge. In the first half of 2021, the average ransomware recovery cost more than doubled to $1.85 million from $760,000 in 2020.

To avoid becoming the victim of a ransomware attack, organizations should:

  • Conduct employee training on cyber safety. According to Cybint, 95% of cybersecurity breaches are caused by human error, making it imperative for organizations to train employees to look for phishing emails or fraudulent links.
  • Back up data frequently and offline. Ransomware can infect and encrypt any system it accesses. Maintaining an offline backup can mitigate the risk of data becoming compromised. Organizations should also increase the frequency of backups since all data not backed up can be lost during a ransomware attack.
  • Maintain up-to-date operating systems and software. Ensure applications and operating systems are patched with the latest updates to reduce the number of entry points available to an attacker.


If a ransomware attack does occur, organizations should have a response plan in place. For more cybersecurity guidance, contact us today. Be sure to follow us on LinkedIn and like us on Facebook for more industry news and updates.


Related Links: