Most ransomware victims who pay up just get attacked again

An overwhelming majority of businesses that give in to the demands of ransomware hackers suffer repeat attacks, a new report has found.

Security firm Cybereason surveyed over 1200 cybersecurity professionals from the US, UK, Spain, Germany, France, UAE, and Singapore, finding that over half of firms had fallen prey to a ransomware attack, and that 80% of those who chose to pay the ransom were attacked again, often by the same threat actors.

The report comes after two high-profile ransomware attacks on critical supply-chain businesses that both wriggled out by paying their attackers.

“Paying a ransom demand does not guarantee a successful recovery, does not prevent the attackers from hitting the victim organization again, and in the end only exacerbates the problem by encouraging more attacks,” said Cybereason’s CEO and co-founder, Lior Div.

Prevention is better than cure

The report also reveals that about half (46%) of the victims discovered that some or all of their data was corrupted beyond use even after obtaining the decryption key by paying the attackers.

Div explains that the one big takeaway from the survey is that instead of ponying up the ransom, businesses should concentrate on implementing a prevention-first strategy to avoid the attacks altogether.

“These findings underscore why it does not pay to pay ransomware attackers, and that organizations should focus on early detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy,” reasons Div.

The report looks into the business impact of ransomware attacks across key industry verticals, in order to help businesses devise better ransomware defense approaches.

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.