According to a new analysis by Sophos, a cybersecurity solutions provider located in the United Kingdom, 71% of Nigerian businesses were targeted by ransomware in 2021, with 44% of those affected being compelled to pay ransoms to regain access to their data.
According to the analysis, titled “The State of Ransomware 2022,” the number of Nigerian businesses infected by ransomware climbed from 22% in 2020 to 71% in 2021.
The ransom is being paid by a growing number of victims. — In 2021, 44% of businesses who had data encrypted as a result of a ransomware attack paid the ransom.
“A ransomware assault can have a huge financial impact – the average cost of recovering from the most recent ransomware attack in 2021 was $3.43 million.”
The damage and disruption required an average of one month to recover from. 97 percent of organizations stated the attack harmed their ability to operate, and 96 percent of victims said the incident caused them to lose business or money.
“Many firms rely on cyber insurance to help them recover from a ransomware assault — 81 percent of mid-sized organizations had cyber insurance that covered them in the case of a ransomware attack – and the insurer reimbursed some or all of the costs incurred in 97 percent of incidents.”
“The main findings of the State of Ransomware 2022 global survey from Nigerian respondents, which covers ransomware incidents experienced in 2021, as well as related cyber insurance issues, include: 91 percent of those with cyber insurance said their experience of getting it has changed over the last 12 months, with higher demands for cybersecurity measures, more complex or expensive policies, and fewer organizations offering insurance,” according to the report.
The impact of ransomware on 5,600 mid-sized businesses in 31 countries across Europe, the United States, Asia-Pacific and Central Asia, the Middle East, and Africa was examined in the paper.
“The report reveals that, internationally, the proportion of victims paying the ransom continues to climb, even when they may have other options available,” Chester Wisniewski, Sophos’ chief research scientist, stated.
“There could be a variety of reasons for this, including insufficient backups or a wish to prevent stolen data from being exposed on a public leak site.” There is typically a lot of pressure to get back up and running as soon as possible following a ransomware assault.
“Because restoring encrypted data from backups can be difficult and time-consuming, it’s tempting to believe that paying a ransom for a decryption key is a better alternative.” It’s also a potentially dangerous alternative.
“Organizations have no idea what the attackers may have done, such as installing backdoors, stealing passwords, and so on.” If companies don’t fully clean up the retrieved data, they’ll wind up with a network full of potentially harmful stuff and be vulnerable to a repeat attack.”
According to the firm, 62% of the country’s businesses have cyber insurance, with 38% having cyber insurance but with exceptions or exclusions in the policy.
It went on to say that the number of businesses directly affected by ransomware has nearly doubled in the last year.
