Skip to main content

Many businesses still give in to ransom demands in the event of an attack

(Image credit: Image Credit: WK1003Mike / Shutterstock )

Even though businesses are advised against paying the ransom in the event of a ransomware attack, many organizations still do. This is according to a new report from cybersecurity firm Mimecast, which claims paying the ransom does not guarantee the data will be returned. 

The report states that almost half (48 percent) of UK businesses have been targeted by ransomware in the past year and, of that number, exactly half (50 percent) decided to pay the ransom. That means a quarter of UK businesses gave some of their hard-earned money to cyber crooks.

Of those that ended up paying the ransom, a quarter did not manage to retrieve their encrypted files.

Ransomware should not be taken lightly, the report further states. The majority of ransomware victims (86 percent) suffered downtime, which lasted up to three days for a third of those affected. Furthermore, organizations are facing business disruption, eroded employee productivity and data loss.

Despite the serious implications of ransomware, many organizations are yet to educate their employees on how to stay safe. At the moment, just one in five (19 percent) businesses in the UK provide their employees with awareness training on an ongoing basis.

“Every ransom paid rewards the cybercriminals and sends a signal to others that there's profit to be made, creating a vicious cycle,” argues Carl Wearn, Head of E-Crime at Mimecast.

“It is also a massive risk to pay the ransom, because as this study shows it doesn’t always guarantee a return of the stolen data. There have also been instances where cybercriminals have taken the money and then came back to attack the victim at a later date.”