Almost all (97%) orgs report ransomware to police, but results may vary

Read original article

Virtually every organization hit with ransomware called the cops or the government last year, but the level of support they can expect in return remained mixed, according to security firm Sophos’s 2024 State of Ransomware report.

The annual survey, released in April 2024, found 97% of respondent organizations that reported being hit with ransomware in the last year globally had contacted either police or an official government body of some kind. While around six in 10 said they had received advice on how to deal with the attack and/or assistance with their investigation, just four out of 10 said they had received help recovering data.

John Shier, field CTO of threat intelligence at Sophos, told IT Brew that near-universal reporting by entities hit with ransomware is likely related to escalated efforts by governments the world over to combat cybercrime.

“Since we are seeing takedowns and indictments, and in very few cases, unfortunately, some actual arrests of individuals, I think people are saying that and going, ‘OK, well let’s be part of that,’” Shier said.

New regulations, such as the Securities and Exchange Commission’s mandate that publicly traded US companies disclose material cyber incidents, have likely also played a role.

“If you’re in an industry or in a country that requires notification for these kinds of things, then you’re more likely to do that to stay on the right side of the law,” Shier added.