OpenText Cybersecurity 2024 Global Ransomware Survey: Supply chain and AI-powered attack fears intensify

In the third annual OpenText Cybersecurity 2024 Global Ransomware Survey, we put a magnifying glass to these growing attack techniques and vectors.

Grayson Milbourne  profile picture
Grayson Milbourne

October 10, 20245 minute read

A lock symbol is lit up in light blue, with a dark circle with dark blue and neon green highlights on it. This is on the right side of the image. The background is a slightly blurry image of a server block, lit up with a variety of lights.

Whether a small business or a large enterprise, all organizations are feeling the impact of ransomware. Attackers have honed their tactics, taking advantage of generative AI to make phishing attacks exceedingly clever while continuing their focus on disruptive supply chain attacks. The next generation of threats are more targeted, and with the assistance of AI and a thriving cybercrime as a service market, the barrier to entry for aspiring cybercriminals has never been lower.  

In the third annual OpenText™ Cybersecurity 2024 Global Ransomware Survey, we put a magnifying glass to these growing attack techniques and vectors. Disturbingly, while companies of all sizes are aware of the risks they face, and have taken measures to improve resilience, successful ransomware attacks and payments continue to increase.  

Ransomware strikes 

Alarmingly, nearly half of respondents (48%) reported that their company has previously experienced a ransomware attack, with almost three-quarters (73%) of companies experiencing a ransomware attack this year. Among those who experienced a ransomware attack in the past year, about half (46%) paid the ransom, with 31% of those payments ranging between $1 million and $5 million. The survey also revealed that SMBs experienced more ransomware attacks than large enterprises this year, highlighting the need for organizations of all sizes to defend against ransomware. 

With 39% of companies testing the reliability of recovery plans with techniques like dry runs once every few months, and 29% twice a year, companies can recover data after these attacks. Almost all respondents (97%) reported the successful restoration of their organization’s data. Data management solutions help companies retrieve this data and keep their businesses running. 

Supply chain attacks at center stage 

A majority of respondents (91%) are concerned about ransomware attacks on their company’s downstream software supply chain, third-party and connected partners. Recent breaches by key industry vendors like Change Healthcare, Ascension and CDK Global that caused sector-specific outages and losses made respondents more concerned about being impacted by a supply chain attack; almost half (49%) are concerned enough to consider making vendor change. 

Among those who experienced a ransomware attack in the past year, 62% reported that they have been impacted by an attack originating from a software supply chain partner. Notably, 90% of these respondents are planning to enhance their collaboration with software suppliers to improve security practices over the next year.  

Given the massive sector-specific outages caused by these recent breaches and other impacts, two-thirds of respondents (67%) are planning to increase collaboration with software suppliers to improve security practices in the next year. Only 15% are not. Almost three-quarters (71%) of respondents assess the cybersecurity practices of their software suppliers at least twice a year.  

In addition to regular security audits of software suppliers, vendors and partners, which ranked as the most important tool to help secure the software supply chain, the implementation of advanced threat detection tools is the second most important. Threat detection and response tools need to go beyond traditional borders so organizations can proactively protect their assets from attacks. 

AI-powered attacks 

While the rise of AI empowers security teams to more effectively triage alerts and automate response, AI also helps cyber criminals be more efficient, contributing to an increase in phishing attacks and growing fears about AI-powered attacks. 

Nearly half (45%) of respondents observed an increase in phishing attacks due to the widespread use of AI, and among those who have experienced a ransomware attack, 69% noted an uptick in phishing. Similarly, 55% of survey participants believe their companies are at greater risk of suffering a ransomware attack due to the proliferation of AI usage among threat actors.  

Investing in cybersecurity 

Awareness for ransomware threats is growing and so is regulation. According to 37% of respondents, regulatory compliance or cyber insurance requirements are the primary drivers for increasing ransomware defense investment within the software supply chain.  

As such, about three-quarters (72%) of respondents are covered by cyber insurance in case an attack is successful. A surprising 25% are not and only 3% are not because it’s too expensive. The financial risks, however, presented by the increasing frequency and sophistication of cyber threats make cyber insurance an essential investment. 

Businesses are also increasingly investing in cloud security as well as security awareness and phishing training. Almost two-thirds (66)% of respondents reported that their companies are prioritizing cloud security. Over half (56%) of companies outsource security to an IT or managed services provider. 

Furthermore, 91% of respondents stated their companies require employees to participate in security awareness or phishing training. In 2024, 66% of companies conducted training at least once per quarter, a significant increase from 39% in 2023. The rise in security awareness training is a positive indication that organizations are taking ransomware threats seriously and understand the risk that employees on the front lines represent. Respondents believe current security awareness programs and training are effective in addressing AI-related risks – 88% of respondents think programs and training are very or somewhat effective. 

Avoid paying the attacker’s paycheck 

The findings from OpenText’s Cybersecurity 2024 Global Ransomware Survey reveal that while investments in cybersecurity are increasing, companies are still paying ransoms at alarming rate. Paying a ransom only perpetuates the problem. If we are to disrupt the growing trend of ransomware attacks, it starts with companies refusing the pay the ransom and instead relying on their cyber resiliency playbook. 

Share this post

Share this post to x. Share to linkedin. Mail to
Grayson Milbourne avatar image

Grayson Milbourne

Grayson Milbourne is the Security Intelligence Director at OpenText Cybersecurity, a division of OpenText. Grayson’s nearly two decades of security intelligence expertise include malware analysis, data science, and security education. In his current role, Grayson is focused on efficacy development to ensure the company’s security management products (which include the Webroot portfolio) are able to defend against the most cutting-edge threats. He is a longtime advocate for better 3rd party testing of security products and represents OpenText Security Solutions at the Anti-Malware Testing and Standards organization, AMTSO. Through his efforts, AMTSO released testing standards that greatly improved testing quality when followed. Grayson is an avid participant in the security community and drives awareness of current threats by speaking at major events such as RSA and Virus Bulletin. He is a frequent guest on local NBC affiliates and several cybersecurity podcasts. Beyond his passion for protecting people from cyberthreats, Grayson loves aviation and holds a private pilot license. His other passions include strategic boards games, skiing and playing golf. He lives in Louisville, Colorado with his wife, Danielle and their two cats, Theodore and Aiden.

See all posts

More from the author

How threat hunters stay informed and collaborate 

How threat hunters stay informed and collaborate 

In the ever-evolving landscape of cybersecurity, threat hunters play a crucial role in proactively detecting and mitigating security threats. To do this, they need to stay informed and effectively collaborate.

August 20, 2024 6 minute read

OpenText Cybersecurity 2023 Global Ransomware Survey: The risk perception gap

OpenText Cybersecurity 2023 Global Ransomware Survey: The risk perception gap

The cyber landscape continues to evolve at lightning speed; attacks are more frequent and increasingly sophisticated. And while the use of large language models and…

November 15, 2023 3 minute read

Stay in the loop!

Get our most popular content delivered monthly to your inbox.