Date: 2023-11-14

Retail organizations have been facing mounting difficulties in thwarting ransomware attacks, with a meager 26% able to halt cyber hijackings before their data is encrypted. This statistic, revealed in Sophos’ annual report, “State of Ransomware in Retail 2023,” marks a three-year low for the industry, representing a decline from 2021’s 34% and 2022’s 28%.

Chester Wisniewski, Sophos’ Director and Global Field Chief Technology Officer, lamented that “retailers are losing ground in the battle against ransomware.” As cybercriminals encrypt a larger portion of their retail victims’ data, retailers must bolster their defensive measures by implementing security protocols that detect and respond to intrusions earlier in the attack chain.

The report, based on a survey of 3,000 IT/cybersecurity leaders from organizations with 100 to 5,000 employees across 14 countries, exposed additional concerning findings within the retail sector. Notably, 71% of retail organizations reported successful encryption of their data, marking the highest rate over the past three years. By contrast, the percentage of retail organizations falling victim to ransomware attacks decreased from 77% in the previous year to 69%.

However, recovery times painted a less optimistic picture, with only 9% of retail organizations reclaiming data in under a day, compared to the 15% recorded in the previous year. Alarmingly, the proportion of retail organizations requiring over a month to recover increased from 17% to 21%. The cost of meeting attackers’ demands was also a significant factor, far exceeding the costs borne by organizations that used backups for data recovery. Those who acquiesced to ransom demands faced four times the recovery costs compared to those who relied on backups ($3,000,000 versus $750,000).

Sophos, a cybersecurity solutions provider, puts forth a series of recommendations to bolster retail organizations’ defenses against ransomware attacks. These best practices include implementing robust security tools to combat common attack vectors, deploying Zero Trust Network Access (ZTNA) to mitigate compromised credentials, adopting adaptive technologies that automatically respond to attacks, and establishing 24/7 threat detection and response capabilities. Additionally, retailers are advised to prioritize attack preparation by taking regular backups, practicing data recovery from backups, and maintaining an up-to-date incident response plan. Timely patching and routine review of security tool configurations are also essential for maintaining security hygiene.

