The danger of paying out an online ransomware demand has been exposed by a new study which reveals nearly eight out of ten organisations who cough up are hit by a second attack, often by the same hackers, with nearly two-thirds forced to pay more the second time around.
According to Cybereason’s Ransomware: The Cost to Business Study 2024, which quizzed over 1,000 cybersecurity professionals, a whopping 84% of organisations have agreed to pay a ransom demand after being breached.
However, the advice that paying is not the solution is reinforced by the fact that less than half (47%) of organisations which have shelled out the money have got their data and services back uncorrupted.
The average ransom demand for UK businesses has risen to £330,000, but US firms face the highest demands at £1.1m, followed by France (£790,000), and Germany (£602,000).
Even so, nearly half (46%) of ransomware victims estimated business losses to be between $1m and $10m as a result of the attack, with 16% reporting losses of over $10m.
Despite this risk, only four in ten (41%) organisations feel they have the right people and plan to manage the next attack, and while cyber insurance take-up is widespread, only 40% are sure that a ransomware attack would be covered.
Cybereason global field chief information security officer Greg Day said: “[Paying the ransom] is no guarantee that attackers won’t sell your data on the black market, that you’ll even get your full files and systems back, or that you won’t be attacked again.
“And while many have cyber insurance, too many simply don’t know if, or to what degree, it covers them for ransomware attacks.”
More than half (56%) of cybersecurity professionals said their organisation had not detected a breach for between three and 12 months.
The most common method ransomware actors used to infiltrate systems was a supply chain breach (41%), followed by 24% who got in directly, and 22% who accessed victims’ networks with the help of an insider.
The report follows a warning issued by the UK’s National Cyber Security Centre, part of GCHQ, that British businesses must be on data security red alert over a fresh wave of malicious cyber attacks, particularly ransomware demands.
The NCSC cited the rise of AI systems that are lowering the entry barrier to less skilled cyber criminals, including hackers-for-hire and hacktivists, with AI already being used in malicious cyber activity.