Ransomware Attacks in 2024: Longer Outages, More Revenue Loss
A recent study by the Ponemon Institute reveals the grim reality of ransomware attacks in 2024. Despite a decrease in average payment costs, organisations face longer containment periods and increased revenue loss. Phishing remains the primary attack vector, with over half of affected businesses forced to shut down operations for recovery.
The average duration to contain and remediate an organisation's largest ransomware attack in 2024 stood at 132 hours, involving an average of 17.5 staff and third parties. This marks a reduction from 190 hours and 14 staff in 2021. However, the proportion of organisations experiencing significant revenue loss nearly doubled, rising from 22% in 2021 to 40% in 2024.
Phishing was the most prevalent method for delivering ransomware, accounting for 45% of attacks. Remote desktop protocol (RDP) compromises followed at 32%, with exploiting software vulnerabilities at 19%. Despite making payments, 40% of respondents reported data leaks, and 32% faced additional demands or threats. Over half (58%) of organisations had to shut down operations for recovery, with 51% making the payment.
The overall average cost of a ransomware attack in 2024 decreased to $146,685, down from $168,910 in 2021. However, the proportion of organisations experiencing brand damage rose to 35%, up from 21% in 2021. Only 28% of respondents informed law enforcement when hit by ransomware, and just 13% recovered all impacted data after making a payment.
The 2024 ransomware landscape, while showing a decrease in average payment costs, presents a challenging picture for organisations. Longer containment periods, increased revenue loss, and higher instances of brand damage underscore the need for robust cybersecurity measures and incident response planning. Despite making payments, organisations face data leaks and additional demands, highlighting the importance of considering alternative strategies to mitigate ransomware attacks.
