Skip to content

Enterprises are digitalizing at a rapid pace for the last two plus years now. The situation has been further complicated with the mainstreaming of prolonged remote work trends. Right now, we are in a hybrid workforce model, which also has its fair share of complexities.

When we talk of the cyber security landscape the world over, the situation has been quite volatile and hostile. Ever since the onset of the Covid-19 pandemic, we have seen an unprecedented surge in cyber attacks of all manner.

A Snapshot of the Ransomware Landscape in 2021 by Sophos

Among the commonly used attack vectors in cyber attacks, we are seeing a massive surge in ransomware attacks. If successful, such an attack encrypts an organization’s or individual’s data, after circumventing the security protocols in place, if any.

Related: A Glimpse of the Leading Cyber Security Trends for 2022

Once an organization has fallen prey to a ransomware attack, it is pretty much left with only two options. The first one is to pay a ransom to the perpetrator of the attack, in exchange for decrypting your very own data.

The other option, if there was proper planning in place for such an arrangement, is to restore your organizational data with the help of a recent backup. Both these scenarios are quite complicated and painful.

The State of Ransomware 2022 Report by Sophos

Recently, a survey was conducted by Sophos, a company that specializes in a wide array of proactive cyber security solutions. The primary focus of this study was ransomware attacks that took place during the year 2021.

The sample size for this survey was comprised of nearly 5,600 IT professionals from 31 different countries across the globe. The survey respondents belonged to mid sized companies, with the number of employees ranging between 100 and 5,000.

Key Finding of the Sophos Survey

In this post, we will summarize some of the most common stats that have emerged from this survey. This will enable us to paint a much better and well informed picture of the cyber security situation in general, and ransomware attacks in particular.

A sizeable 66% of the surveyed organizations were hit by some sort of a ransomware attack during the year 2021. This signifies a remarkable increase in this attack vector, as only 37% organizations were hit by ransomware during the year 2020.

One more alarming stat from this Sophos survey was that out of these attacks, the perpetrators were able to encrypt organizational data 65% of the times. The vast majority of attackers preferred encrypting the data, instead of leaking it.

Related: Tightening Access Security Should Be a Priority

Frequency, Complexity and Impact of Ransomware Attacks

According to “The State of Ransomware 2022” survey by Sophos, 57% of the respondents witnessed an increase in the overall attack volume. 59% of the survey participants said they found the ransomware attacks to be much more complex in nature.

The majority 53% of the respondents said that ransomware attacks during 2021 were much more pronounced in terms of their overall impact on their organizations. On average, it took organizations nearly 1 month to recover from major ransomware attacks.

Average Remediation Costs

During the year 2020, the average remediation cost of a ransomware attack was a whopping US $1.85 Million. However, the year 2021 at least saw the average remediation costs come slightly down to US $1.4 Million, which was a welcome relief.

Data Recovery Rates and Methods

On yet another positive note, 99% of the organizations hit by a ransomware attack in 2021 were able to recover their data. During the year 2020, this data recovery ratio still stood at a healthy 96%.

A sizeable 73% of the attacked organizations used backups to recover their data, which is a very promising sign. However, 46% of the surveyed organizations did end up paying ransom to the attackers, which is one of the reasons ransomware is rampant these days.

The slight overlap that exists between the above stats is because some of the affected organizations ended up using both data recovery methods, namely ransomware payment as well as restoring data via the latest backup.

The disturbing bit is that despite paying up the ransom amounts, only 61% of the organizations were able to fully retrieve their data. This is yet another stat which underscores the importance of having a resilient data backup plan in place.

Related: Security Hygiene and Posture Management – Two Emerging Challenges

The Impact of Cyber Insurance

Over the past years, cyber insurance remained a tricky path to navigate for organizations that wanted it and the ones that were selling it. Interestingly, an overwhelming 98% of the attacked organizations did have some sort of cyber insurance in place.

Out of these organizations which had cyber insurance, a sizeable 83% of them had coverage against ransomware attacks. An overwhelming 98% of the respondents which were insured for ransomware attacks did end up getting compensated by the insurance providers.


The Sophos survey concluded that cyber insurance has played a key role in improving the overall cyber security and back-up postures of organizations. To qualify for getting insurance cover, organizations had to improve their security and back-up postures.

Lastly, this is another positive sign that organizations with cyber insurance against ransomware are not relying solely on this recovery method. Instead, organizations are increasingly resorting to resilient and reliable back-up plans as well.

Contact dinCloud, an ATSG company, for Cloud Computing solutions that come with multi layered security baked into the service. Our Cloud Hosted Virtual Desktops (dinHVD) come with 10 days Snapshots / Back-up, out of the box for quick and easy restoration.