Skip to content

The New Silobreaker Ransomware Report – An analysis of disclosure and messaging from open sources Learn More +

  • How it works
  • Solutions
        • Cyber Threat Intelligence
          • APT Monitoring
          • Cyber Threat Landscape Intelligence
          • Data Breach Intelligence
          • Fraud Intelligence
          • Phishing Intelligence
          • Ransomware Intelligence
          • Supply Chain Threat Intelligence
          • Vulnerability Intelligence
        • Strategic and Political Intelligence
          • Competitor Benchmarking Intelligence
          • Conflict and Geopolitical Intelligence
          • Corporate Risk Intelligence
        • Physical Risk Intelligence
          • Areas of Operation Intelligence
          • Events and Activism Intelligence
        • Brand Threat Protection
        • Industries
          • Critical Infrastructure
          • Financial Services
          • Government and Defence
          • Healthcare and Pharma
          • Service Providers
          • Retail
          • Technology and Telecoms
  • Alerts
        • Silobreaker Demo

          See a demo of Silobreaker in action

          Request a demo +

        • Free Intelligence Email Alerts
          • COVID-19 Threat Alert​
          • Daily Cyber Alert
          • Weekly Cyber Digest
          • Financial Services Threat Alert
          • Ransomware Rewind
          • Russia-Ukraine Insights Alert​
          • US Politics Media Watch​
  • Resources
        • Silobreaker ROI

          Answer more intelligence use cases with a single tool

          Read our ROI Report +
        • Data SheetsDownload our product information
        • EventsMeet our team of experts
        • Customer StoriesLearn how customers reduce risk
        • ReportsIn-depth analysis and insights
        • WebinarsOnline events you don’t want to miss
  • Partners
  • Company
        • Customer Support

          Get product support from our experts

          Contact support +
        • AboutLearn about our people and awards
        • CareersIt’s a great time to join Silobreaker
        • PressAll the latest buzz on the company
        • Contact usGet in touch with sales and support
  • Free Trial
  • Login
  • Request demo
Menu
  • Request demo

New Silobreaker research reveals organisations are slow to disclose ransomware attacks

  • April 25, 2023

An analysis of how delayed, incomplete disclosures can place customers and third parties at heightened risk of disruption.

Silobreaker, a leading security and threat intelligence technology company, today released the findings of its study into how quickly and thoroughly organisations disclose that they have been hit by ransomware. The research looked at 430 known ransomware incidents identified on the Silobreaker platform in the 2022 calendar year, assessing the time lag between the initial attack, the date when the attack was first reported on news sites, blogs, social media and other open-source data platforms, and the date when the organisation confirmed the attack – as well as the date the attack was claimed by a specific ransomware actor.

The research revealed that nearly a quarter of organisations (22.3 percent) never admitted they had suffered any type of incident, even though information about their attacks was available on the public internet and/or the dark web.

Of the 334 organisations that did admit a breach, only 14.7 percent made their disclosure within one day of the initial attack. In comparison, 40 percent of victims took between one week and three months to make their announcement, while 11 percent took three months or more.

Approaching half (42.6 percent) of the 430 organisations identified by Silobreaker waited until news outlets and other open-source data platforms had reported on their ransomware incidents before admitting they were impacted. Once the news became public, companies did act quickly, with 36 percent disclosing the incident on the day that public reports first emerged.

Organisations were slower to notify customers that their personal data could be at risk. On average, there was a 90-day lag between the initial attack and individual customers being informed of a data breach.

The research also revealed that organisations have moved away from using the word ‘ransomware’ in their official disclosures, opting for more generic terms such as ‘data breach’, ‘compromised/stolen data’, ‘cyberattack’, ‘incident’ or ‘disruption.’ Indeed, the word ‘ransomware’ was used only used in 38.4 percent of disclosures between April and December 2022.

Kristofer Mansson, CEO of Silobreaker, commented:

“Although the majority of companies do disclose ransomware attacks, they are often slow to come clean or only do so when it can no longer be kept secret. In addition, some organisations are prone to using vague language, perhaps in an attempt to downplay the severity of the situation.

“While it’s understandable that organisations want these types of incidents to remain hidden – and it’s important that they have time to investigate the attack before disclosure – this lack of transparency can place customers, suppliers and other third parties at heightened risk of disruption. It’s vital that all organisations – not just the initial target – have complete and immediate visibility into all ransomware threats, as an attack on a partner could have a major impact across the entire supply chain.”

Silobreaker’s ‘Ransomware? What Ransomware?’ Report can be downloaded for free from here.

 

Methodology

The research focused on available data of 430 ransomware incidents that took place in 2022, which were all identified on the Silobreaker platform. Only incidents that were publicly reported on were included in the study, with analysed datasets including news articles, blogs, press releases and tweets, all in the English language.

Only incidents where (1) the victim organisation’s name was added to a leak site or a threat actor claimed responsibility, (2) the victim organisation confirmed a ransomware attack, or (3) the attack showed clear indicators of ransomware, were included in the research.

About Silobreaker

Silobreaker enables organisations to make confident intelligence-led decisions that reduce risk, by providing insights no other solution can match, at unprecedented speed. Aggregating a vast, unique collection of data from millions of open and dark web sources, we unlock relevant intelligence with context, across cyber, physical, and geopolitics. This allows analysts to identify undetected threats and incidents early and deliver real-time reports in one click, so decision-makers can make accurate decisions to mitigate risks.

UK media contact:

Peter Adams / Michelle Edge, Eleven Hundred Agency

e: silobreaker@elevenhundredagency.com
t: +44 (0) 20 7688 5202

PrevPreviousSilobreaker advances its data partnership programme with Mandiant Finished Intelligence
NextSilobreaker wins three top honours at the Global Infosec Awards during RSA conference 2023Next

Home – News Items – New Silobreaker research reveals organisations are slow to disclose ransomware attacks

Get started today

Ready to try it for yourself? Request a demo of Silobreaker today.

Request demo
Silobreaker
Linkedin-in Twitter Facebook-f

Product

  • Platform
  • Industries
  • Platform
  • Industries

Log in

Resources

  • Alerts
  • Data Sheets
  • Webinars
  • Reports
  • Glossary
  • Alerts
  • Data Sheets
  • Webinars
  • Reports
  • Glossary

Partners

  • Integration Partners
  • Channel Partners
  • Integration Partners
  • Channel Partners

Company

  • About Silobreaker
  • News
  • Careers
  • Services
  • Legal
  • Privacy Policy
  • About Silobreaker
  • News
  • Careers
  • Services
  • Legal
  • Privacy Policy

Contact

  • Sales
  • Support
  • Offices
  • Sales
  • Support
  • Offices
Copyright © 2023 by Silobreaker Limited. All rights reserved.
Manage consent
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
Cookie SettingsAccept All
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
__hssrcsessionThis cookie is set by Hubspot whenever it changes the session cookie. The __hssrc cookie set to 1 indicates that the user has restarted the browser, and if the cookie does not exist, it is assumed to be a new session.
cookielawinfo-checkbox-advertisement1 yearSet by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent1 yearRecords the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
elementorneverThis cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
CookieDurationDescription
__cf_bm30 minutesThis cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
__hssc30 minutesHubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.
bcookie1 yearLinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie1 yearLinkedIn sets this cookie to store performed actions on the website.
langsessionLinkedIn sets this cookie to remember a user's language setting.
lidc1 dayLinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory1 monthLinkedIn sets this cookie for LinkedIn Ads ID syncing.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
CookieDurationDescription
_uetsid1 dayBing Ads sets this cookie to engage with a user that has previously visited the website.
_uetvid1 year 24 daysBing Ads sets this cookie to engage with a user that has previously visited the website.
SRM_B1 year 24 daysUsed by Microsoft Advertising as a unique ID for visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
CookieDurationDescription
__hstc5 months 27 daysThis is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga2 yearsThe _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_1737047_91 minuteSet by Google to distinguish users.
_gcl_au3 monthsProvided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid1 dayInstalled by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
hubspotutk5 months 27 daysHubSpot sets this cookie to keep track of the visitors to the website. This cookie is passed to HubSpot on form submission and used when deduplicating contacts.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
CookieDurationDescription
ANONCHK10 minutesThe ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
MUID1 year 24 daysBing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie15 minutesThe test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
CookieDurationDescription
_clck1 yearNo description
_clsk1 dayNo description
AnalyticsSyncHistory1 monthNo description
CLID1 yearNo description
li_gc5 months 27 daysNo description
SMsessionNo description available.
SAVE & ACCEPT
Powered by CookieYes Logo