A 2021 study from Cybereason found that 80% of organizations that were hit by ransomware and paid a ransom were later targeted by a second attack. This adds to the evidence that paying ransom may not always be worth it for companies.
Ransomware and paying ransom
According to experts at Kaspersky, ransomware attacks doubled in the first ten months of 2022 compared to the previous year. The targets included individuals, government entities, and businesses. They also noted that most attacks originated with phishing emails that imitate legitimate agencies in order to obtain personal information or credentials.
While companies hit by ransomware face enormous pressure to pay a ransom to protect customer data, paying carries risks. The FBI has warned some companies that paying ransom isn’t necessarily going to protect them.
Ransom demands are also rising – in fact, the amounts have increased by 500% in the last two years. The average ransom demand from cybercriminals is now half a million dollars. And while some insurance companies offer cyber insurance, it does not make up for the private data that gets leaked on the dark web.
Cyber insurance may soon become a thing of the past since many companies seem incapable of mounting a secure defense against hackers, and lawsuits pile up as a result.
Once a company pays a ransom, it seems to become a target for new attacks. Up to 80% are targeted a second time.
As of 2021, between 50 and 75% of ransomware targets were small businesses.
The importance of cybersecurity
Recent hacks have had devastating consequences. For example, Australia’s Medibank medical insurance company was hacked in 2021. As a result, people who had sought resources for mental health and addiction had their names and data published on the dark web. Medibank now faces a class action lawsuit. It’s unclear if they considered paying ransom demands.
New Internet of Things (IoT) and mobile devices are at the center of security discussions. It appears these are popular targets for hackers. For example, many recent hacks have targeted unsecured printers that people fail to update. If such a printer is part of a company’s network, cybercriminals can gain access to it and move from there into the rest of the company’s network. — WTF fun facts
Source: “Ransomware” — NAIC