Sophos Research Indicates Retail Sector Hit Hardest by Ransomware Attacks

According to new data from Sophos, the retail sector has become one of the most frequent targets for ransomware and data-theft attacks. In its recent “The State of Ransomware in Retail 2021” study, the cybersecurity company noted that the COVID-19 pandemic ushered in an era in which stores that have embraced online commerce face more and more attacks of this nature.

The report polled 5,400 IT “decision makers,” including 435 retail IT managers in 30 countries. Other sectors represented included IT and telecommunications, financial services, education, healthcare, construction, transport, energy, utilities, media and government areas.

Retail and education faced the highest number of ransomware attacks in 2020, with 44 percent of organizations falling victim, compared with 37 percent in other industry sectors. More troublingly, 54 percent of the retail organizations hit said that critical data was encrypted by the attackers, with 32 percent of those opting to pay the ransom. The average ransom payout was $147,811.

The cost of addressing a retail ransomware attack was $9.7 million on average, a figure that factored in downtime, people time, device cost, network cost, lost opportunity and ransom payout.

Sophos noted that retail organizations should prioritize:

  • Strengthening their defenses against ransomware.
  • Investing in modern infrastructure.
  • Bolstering cybersecurity technology and skills.