We chose to analyze four recent ransomware attacks. These ransomware attacks resulted in significant business disruption and financial impact, and in some cases, continue to result in collateral damage. While details are often sparse on how the attacks happened, the nature of the attack can be examined to determine the degree to which basic ransomware controls impact organizational outcomes. Many ransomware attacks are not technically sophisticated, but instead take advantage of controllable gaps and lapses that organizations do not actively seek to identify and remediate.

Axio researchers analyzed updated data from the Axio360 Ransomware Preparedness Assessment tool to prepare the 2022 State of Ransomware Preparedness report (2022 Study). The Ransomware Preparedness Assessment is informed by input from hundreds of ransomware events, guidance from the U.S. Department of Homeland Security, and Axio’s own research. Organizations across multiple critical infrastructure sectors have used the tool to determine the strength of their ransomware practices and controls, to identify gaps, and to prioritize improvements.