The point: Mobile and remote endpoints are the entry point for more than half of ransomware attacks; organizations fail to achieve complete recovery within 24 hours.
57 percent of all ransomware attacks originate on mobile, remotely operated, or hybrid endpoints. System recovery takes an average of five days, and in extreme cases up to two weeks.
57 percent of all ransomware campaigns launch through mobile, remotely used, or hybrid-operated endpoints. This points to a persistent security gap in decentralized infrastructure that has widened further due to hybrid work reality.
Organizations struggle to manage ransomware infections within the expected timeframe: average recovery duration is five days; individual cases report downtime of up to two weeks. This ties up significant resources and leads to production losses, data loss, or compliance violations.
Rather than establishing resilient defense and recovery capabilities, an increasing number of organizations pay ransom in case of damage to return to operations more quickly. This reactive model funds the attackers, increases the risk of infection for other victims, and undermines long-term security investments. CISOs should prioritize endpoint hardening, segmented backups, and incident response scenarios to reduce recovery times from days to hours.
Source: www.security-insider.de · Published 9 July 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.3.