The State Of Ransomware In Financial Services

Today, Sophos released its new survey report, “The State of Ransomware in Financial Services 2021,” which details the extent and impact of ransomware attacks on financial services organizations during 2020.

The Impact Of Ransomware Attacks On Financial Services

The survey reveals that mid-sized financial services organizations worldwide spent more than $2 million on average recovering from a ransomware attack. Even though financial services organizations are fairly resilient against cyberthreats, thanks to robust backups and continuity plans, the costs they incur recovering from a ransomware attack are among the highest, exceeding the global average of $1.85 million. Other key findings from the survey include:

  • 34% of the financial services organizations surveyed were hit by ransomware in 2020.
  • 51% of the organizations impacted said the attackers succeeded in encrypting their data.
  • Nearly two-thirds (62%) of victims surveyed in this sector were able to restore their encrypted data from backups.
  • Only 25% paid the ransom demanded to get their encrypted data back. This is the second lowest payment rate of all industries surveyed; the global average was 32%.

The Cost Of Recovery

From Sophos Senior Security Advisor John Shier:

“Strict guidelines in the financial services sector encourage strong defenses. Unfortunately, they also mean that a direct hit with ransomware is likely to be very costly for targeted organizations. If you add up the price of regulatory fines, rebuilding IT systems and stabilizing brand reputation, especially if customer data is lost, you can see why the survey found that recovery costs for mid-sized financial services organizations hit by ransomware in 2020 were in excess of $2 million.

“Two other slightly worrying data points are that a small, but significant, 8% of financial services organizations experienced what are known as ‘extortion’ attacks, where data is not encrypted but stolen, and victims are threatened with the online publication of their data unless they pay the ransom. Backups cannot protect against this risk, so financial services organizations should not rely on them as an anti-extortion defense. Further, 11% of the financial organizations surveyed believe they won’t get hit because they are ‘not a target.’ This is a dangerous perception because anyone can be a target. The best approach is to assume you will be a target and to build your defenses accordingly.”
