About 88 percent of organizations previously attacked by ransomware would choose to pay ransom again in the next attack. This is evident from a study by security specialist Kaspersky.
Among organizations that have never been ransomware victims before, only 67 percent would be willing to pay. They would also be less likely to do so immediately. Nevertheless, ransomware remains a prominent threat. For example, two thirds (64 percent) of all companies have already been confronted with an attack.
Of the unaffected organizations, 66 percent expect an attack to be only a matter of time. They also consider a confrontation with ransomware more likely than other common attack types, such as DDoS, supply chain, APT, crypto mining or cyber espionage.
“Executives of organizations who have previously paid ransoms seem to believe this is the most effective way to get their data back: 97 percent of them are willing to do it again,” the survey found. That willingness, Kaspersky says, can be attributed to a lack of understanding of how business leaders should respond to such threats or the time it takes for the enterprise to recover data. “More money is often lost waiting for data recovery than paying a ransom.”
“As a ransomware attack threatens the continuity of the business, executives are forced to make difficult decisions,” said Jornt van der Wiel, Security Researcher, Global Research & Analysis Team at Kaspersky. “Giving money to criminals is never advisable, however, as it does not guarantee that the encrypted data will be returned and encourages these cybercriminals to do it again.”
According to Van der Wiel, companies should look for reliable security solutions early to minimize the risk of a ransomware incident. “Make sure the software is always up to date on all devices, and make offline backups that intruders can’t tamper with. Have you fallen victim to a ransomware attack? Then, immediately report the incident to local law enforcement authorities and check, for example, on NoMoreRansom.org if you can find a decryptor.’