80% of firms that paid off ransomware attacks were hit again, Cybereason says

More than half of organisations that chose to pay a ransomware demand in the past suffered from repeat attacks, a newly released Cybereason study has found.

Surveying 1,300 security professionals around the world, the cybersecurity technology company found that 80% of businesses that paid a ransomware demand suffered a second attack, often by the same threat actors who committed the first attack. 

“Paying a ransom demand does not guarantee a successful recovery, does not prevent the attackers from hitting the victim organisation again, and in the end only exacerbates the problem by encouraging more attacks,” said Cybereason’s CEO and co-founder, Lior Div.

Censuswide, which conducted the study on behalf of Cybereason, revealed that about half (46%) of the victims discovered that some or all of their data was corrupted during the recovery process when trying to regain access to their encrypted systems.

“Ransomware attacks are a major concern for organisations across the globe, often causing massive business disruptions including the loss of income and valuable human resources as a direct result,” Div said.

“In the case of the recent Colonial Pipeline ransomware attack, disruptions were felt up and down the East Coast of the United States and negatively impacted other businesses who are dependent on Colonial’s operations,” he added. 

The report also disclosed the financial impact and consequences on businesses after experiencing a ransomware attack.

Cybereason highlighted that two-thirds (66%) of survey respondents said they suffered a significant loss of business revenue, over half (53%) said their brand reputation was damaged, and a third (32%) lost C-Level talent as a direct result of ransomware attacks.

The report also found that 25% of organisations hit by a ransomware attack were forced to close, while 29% of respondents said they were forced to cut jobs due to financial pressures following a ransomware attack.

Instead of complying with attackers' demands, businesses should concentrate on early detection and prevention strategies that “will allow organisations to stop disruptive ransomware before they can hurt the business,” Div said. 

“These findings underscore why it does not pay to pay ransomware attackers, and that organisations should focus on early detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy,” Cybereason said.