Retail Industry Second Most Targeted Industry by Ransomware in 2021

77% of Retail Organizations were hit with ransomware, up from 44% in 2020—a 75% jump.

Ransomware red button on keyboard, 3D rendering

Cybersecurity firm Sophos has revealed that retail had the second highest rate of ransomware attacks last year of all sectors surveyed after the media, leisure, and entertainment industry. 

This follows a report done by the company named The State of Retail 2022.

Globally, 77% of retail organizations surveyed were hit – a 75% increase from 2020.  This is also 11% more than the cross-sector average attack rate of 66%. 

Retailers continue to suffer one of the highest rates of ransomware attacks in any industry. With more than three in four suffering an attack in 2021, it certainly brings a ransomware incident into the category of when, not if. – Sophos in a statement.

Furthermore, as the percentage of retail organizations attacked by ransomware increased, so did the average ransom payment.

In 2021, for instance, the average ransom payment was $226,044, a 53% increase when compared to 2020 ($147,811).

However, this was less than one-third of the cross-sector average ($812K).

Additional findings 

While the retail sector was the second most targeted industry, the perceived increase in the volume and complexity of cyberattacks against the industry were slightly below the cross-sector average (55% and 55% respectively).

92% of retail organizations hit by ransomware said the attack impacted their ability to operate and 89% said the attack caused their organization to lose business/revenue.

In 2021, the overall cost to retail organizations to remediate a ransomware attack was $1.27M, down from $1.97M in 2020.

When compared to 2020, the amount of data recovered after paying the ransom decreased (from 67% to 62%), as did the percentage of retail organizations that got all their data back (from 9% to 5%).

“It’s likely that different threat groups are hitting different industries. Some of the low-skill ransomware groups ask for $50,000 to $200,000 in ransom payments, whereas the larger, more sophisticated attackers with increased visibility demand $1 million or more,” said Chester Wisniewski, principal research scientist, Sophos.