Most businesses will pay for a ransomware attack, but 80% of this will be hit a second time

A report from data analytics firm Neustar claims that 60% of companies would rather spend money to recover files and data in a ransomware attack to be able to continue their work. , instead of messing around with fallback solutions. Even a fifth of these said they would pay up to 20% of their annual revenue to get their data and systems back.

According to the same report, the ransomware threat has grown to the point where it is now a top concern for many companies and corporations, and during the past two years, never have IT staff been as worried about ransomware as it was. The current.

The news of some recent attacks has led 80% of cybersecurity professionals to focus more on protecting systems against ransomware threats. Most of these, around 74%, consider the current solutions available on the market to be relatively adequate to detect, prevent and mitigate attacks. The rest (26%) consider them insufficient.

Ransomware was originally just a piece of malware that attacked only individual users, encrypting all the data on the target device and demanding small payments in cryptocurrency in exchange for the decryption key. But gradually, it has become a serious threat that targets specific companies, to demand large payments and threatens not only to lock the system permanently, but also to get data to sell or make. leak sensitive company data online.

Most recently, the US meat processing company JBS confirmed to have paid $ 11 million to ransomware attackers named REvil a month ago. Colonial Pipeline Corporation also suffered a major ransomware attack last month that took its systems offline for almost a week and sent oil prices soaring, which paid the DarkSide gang attackers around $5 million USD.

Meanwhile, cybersecurity experts have long warned against paying ransoms for a variety of reasons, the most important of which is that doing so does not guarantee the victim will regain his or her system keys or data. .

Even in the case of data recovery, it may be incomplete or corrupted. And finally, paying the ransom does not prevent future attacks, and in many cases the victim will suffer another attack shortly after the first attack. And they are often from the same malicious agent that was previously installed.

If you pay the ransom once, you will most likely have to pay a second time.

A study by cybersecurity firm Cybereason found that the majority of organizations that have chosen to pay the ransom are not immune to further ransomware attacks. And in fact, 80% of organizations that pay ransom have been attacked a second time, and almost half of these are attacked by the same group before.

Of course, dealing with the aftermath of a ransomware attack can be complicated and expensive. The majority of organizations have suffered significant business impacts as a result of ransomware attacks, including loss of revenue (66%), damage to the organization’s brand (53%), and unplanned workforce cuts. plan (29%) and even close the business completely (25%).

This study highlights that prevention is the best strategy for managing risk from ransomware and ensuring organizations don’t fall victim to a ransomware attack in the first place.

Check out Techradar, venturebeat