Ransomware: Too many firms are still willing to pay up if attacked

Survey indicates that six in ten organisations would pay the ransom to cyber criminals - despite warnings it only encourages further attacks
Written by Danny Palmer, Senior Writer

Over half of organisations would pay the ransom if they fell victim to a ransomware attack – despite repeated warnings that they shouldn't encourage cyber-criminal extortion.

Research by the Neustar International Security Council (NISC) found that six in ten organisations would pay cyber criminals for the decryption key in the event of a ransomware attack, according to its survey of 300 workers in 'senior positions'.

That's despite the likes of the White House, the UK Home Office, law enforcement and cybersecurity experts warning that paying the ransom should be avoided because it signals to ransomware operations that their extortion schemes work.


High-profile victims of ransomware attacks who have paid ransoms recently include Colonial Pipeline, which paid over $4 million in Bitcoin to cyber criminals using DarkSide ransomware, while meat processor JBS paid $11 million in Bitcoin to criminals who compromised its network with REvil ransomware.

These incidents have seemingly forced businesses to take notice, with 80% of cybersecurity professionals surveyed for the research stating that more emphasis is being placed on protecting against the threat of ransomware.

However, a quarter of respondents fear that their current security procedures might not offer full protection against ransomware threats, describing them as 'somewhat' or 'very' insufficient.

When it comes to ransomware, the best thing an organisation can do is prevent it from becoming a problem in the first place. Cybersecurity procedures such as applying multi-factor authentication across the network, applying security patches for known vulnerabilities in a timely manner, and regularly updating backups and storing them offline can help organisations avoid being disrupted by a ransomware attack.


Applying these sorts of protections makes it much less likely that organisations will feel the need to give in to the extortion demands of cyber criminals.

"Companies must unite in not paying ransoms. Attackers will continue to increase their demands for ever larger ransom amounts, especially if they see that companies are willing to pay. This spiral upwards must be stopped," said Rodney Joffe, NISC chairman and fellow at Neustar.
