The Sophos report "State of Ransomware in Retail" looked at the extent and impact of ransomware attacks on the retail sector worldwide during 2020.
The total bill for rectifying a ransomware attack in the retail sector, considering downtime, people time, device cost, network cost, lost opportunity, ransom paid, and more, was $1.97 million on average -- compared to a cross-sector average of $1.85 million, the report revealed.
Among the retail organisations hit by ransomware, over half (54 per cent) said the attackers had succeeded in encrypting their data, and roughly a third (32 per cent) paid a ransom, averaging $147,811.
Paying did not buy back the data, however: those who paid recovered on average only two-thirds (67 per cent) of their data, leaving a third inaccessible, and just 9 per cent got all of their encrypted data back, the report showed.
"The retail sector has always been an attractive target for cyberattacks, with its complex, distributed IT environments, including a multitude of connected point-of-sale devices, a relatively transient and non-technical workforce, and access to a wide range of personal and financial customer data," said Chester Wisniewski, principal research scientist at Sophos, in a statement.
"The impact of the pandemic introduced additional security challenges that cybercriminals were quick to exploit," he added.
To secure retail IT networks against ransomware and other cyberattacks, Wisniewski advised IT teams to focus resources on three critical areas: building stronger defences against cyberthreats, introducing security skills training for users, including part-time and temporary staff, and, where possible, investing in more resilient infrastructure.
The survey behind the report polled 5,400 IT decision-makers, including 435 retail IT managers, in 30 countries across Europe, the Americas, Asia-Pacific and Central Asia, the Middle East, and Africa.