The vast majority of UK organisations say they would never pay a ransom if they were hit by ransomware. However, companies that have actually been hit by the dreaded malware paint a different picture, according to a new report by security researchers from Trend Micro. According to the company, of those that have been victims (and there have been plenty), two thirds (65 per cent) have actually paid the ransom.
What is particularly worrying is that only 45 per cent of those infected got their data back after paying – meaning one in five pay, but never get their data back. In the last two years, almost half (44 per cent) of all UK businesses have been targeted by ransomware. More than a quarter (27 per cent) were targeted more than once, and some companies were attacked more than five times. Ransomware has become extremely popular lately, mostly because it simply works.
“When faced with a ransom situation, most organisations simply cannot afford to part with the encrypted data and are forced to fork out the requested amount, often more than once,” said Bharat Mistry, cybersecurity consultant at Trend Micro. “Caving in to the demands of cyber-extortionists only reassures them of their strategy and perpetuates the threat cycle. That’s why companies must adequately protect themselves against ransomware and avoid playing by attackers’ terms.”
The average amount organisations pay is £540, although some have paid more than £1000. The main reasons companies decide to pay the ransom are that they fear fines if the data is lost, that the data was highly confidential, or that the ransom amount was low. Those that didn’t pay said they’d never bargain with criminals.
“Ransomware has completely dominated the current threat landscape,” added Bharat Mistry. “During the first part of 2016, we blocked and detected almost 80 million ransomware threats and identified 79 new ransomware families – compared to 29 in the whole of 2015. That’s a 179 per cent increase. Quite a few of those were built with routines that are designed to attack enterprise machines and endpoints. It’s time companies take heed.”
Image Credit: Christiaan Colen / Flickr