The Cold Reality of Ransomware Attacks
Ransomware is one of the most widely discussed threats in cybersecurity. However, not enough research exists about the experiences of organizations that have actually suffered from ransomware attacks.
For this report, Sapio Research Ltd—an independent research firm—surveyed 200 IT decision makers whose organizations experienced a ransomware attack between 2019 and 2021.
The findings reveal the cold, hard truth about such attacks:
- They are hard to prevent even when you’re prepared.
- Ransomware can penetrate quickly, significantly impacting an organization’s financials, operations, customers, employees and reputation.
- Even if you pay the ransom, there are other related costs that can be significant.
All this highlights the need for organizations to put more focus on ensuring they can recover quickly and easily from an attack without having to pay the ransom. At the end of this report, we offer suggestions for how IT leaders can do so.
But first, let’s look at three key lessons from the survey.
Lesson #1: Despite defensive measures, ransomware gets in
All survey respondents had one or more security measures in place, but ransomware was still able to penetrate the defenses.
Phishing continues to be one of the easiest paths for ransomware
Phishing was one of the most common points of entry, with 24% of ransomware attacks starting this way. That number rises to 41% when looking at organizations with fewer than 500 employees.
Phishing succeeded despite the fact that 65% of those that reported it as the entry point had conducted anti-phishing training for their employees. This reflects the increasing sophistication of phishing schemes, with attackers now mimicking emails from trusted associates such as high-level executives (known as “whaling” attacks). These emails will sometimes include personal details, usually gleaned from social media, making it more likely that even a wary individual will fall prey.