ExtraHop finds 91% of ransomed organisations made payments last year


ExtraHop, the cloud-native network detection and response (NDR) solutions provider, has released its third annual Global Cyber Confidence Index, which found organisations are generally ill-equipped to manage and mitigate their cyber risk following a significant increase in ransomware attacks and cybersecurity incident downtime.

Although an overwhelming majority (88%) of IT and cybersecurity decision makers said they are confident in their organisations’ ability to manage cyber risk, most acknowledged that they are frequently the victim of ongoing threats, and falling behind when it comes to identifying and remediating threats.

Amid a recent onslaught of attacks against the world’s most profitable industries and critical infrastructures, and regulatory bodies like the SEC tightening compliance rules, understanding an organisation’s ability to effectively manage cyber risk is more critical than ever before. 

Key insights from the report include:

Cyberattackers are raking in ransomware payments 

Nearly one in four (22%) respondents deemed ransomware the biggest risk to their organisation - an unsurprising finding as about half say they are still running at least one insecure network protocol that threat actors are known to exploit in ransomware attacks. Highlighting this concern, 58% said they experienced six or more ransomware incidents in 2023 (up 32% year over year). On the heels of BlackCat’s attack on Change Healthcare, healthcare was among the top industries impacted by ransomware, with organisations averaging nine incidents each last year.

Of those surveyed, almost all that experienced a ransomware attack paid up; in 2023, 91% paid the ransom, compared to 83% in 2023 and 72% in 2022. On average, the research found ransomware payments alone cost nearly $2.5 million per organisation in the last year - before adding in the unrealized costs associated with remediation.

Downtime is draining organisations of their time and money

When discussing the impact cybersecurity pitfalls have on their businesses, respondents said they averaged 56 hours of downtime following a security incident last year. Downtime for industrial companies hit slightly higher at 58 hours, and, with recent research calculating the median cost of industrial downtime at nearly $125,000 per hour, these companies could lose upwards of $7.25 million per incident.

The largest organisations surveyed (5,000+ employees) experienced the most downtime at nearly 62 hours on average per incident. Globally, France led downtime at 68 hours, followed by the United States (63 hours) and Australia (62 hours).

Organisations are putting their faith in AI

Organisations are overwhelmed by a multitude of barriers holding them back from effectively managing cyber risk, citing immature risk management processes (21%), the inability to catch up in a fast-paced industry (18%), a lack of alignment between the cybersecurity organisation and the business (16%), outdated technology (15%), insufficient personnel resources (14%), and insufficient budgets (13%). 

In response to this widespread set of unique challenges, more than a third (38%) of respondents agree using AI and machine learning to help manage and mitigate cyber risk is a top priority for their organisation this year.

“Cyber risks are inevitable and no single organisation is immune to the threat bad actors pose to their business,” said Raja Mukerji, co-founder and Chief Scientist, ExtraHop. “With ransomware and downtime on the rise and ripple effects being felt throughout entire organisations, leaders are recognising an inherent need to prioritise cybersecurity, and, better yet, business resilience. With greater visibility into and awareness of the current threat landscape, they can better identify their weaknesses, shore up their defenses, and develop an action plan that keeps disruption to employees, customers, and other stakeholders to a minimum.” 

*This survey was conducted by Censuswide.

Add a Comment

No messages on this article yet

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter