Search This Blog

Powered by Blogger.

Blog Archive

Labels

Cohesity Research Shows That Most Firms Break Their "Do Not Pay" Policies by Paying Millions in Ransoms

The majority of companies are unable to retrieve their data and resume their operations within three days.

 

While a "do not pay" ransomware policy may sound appealing in theory, thwarting attackers' demand for ransom in exchange for stolen data is easier said than done. A recent study conducted by Cohesity, a leader in AI-powered data security management, reveals this truth.

The study surveyed over 900 IT and security decision makers who "take an if not when" approach regarding cyberattacks on their business. According to the study, 94% of participants stated that their organisation would pay a ransom to retrieve data and resume commercial operations, with 5% responding, "Maybe, depending on the ransom amount." 

The majority of those surveyed had paid a ransom in the previous two years, and the vast majority predicted that the threat of cyberattacks will increase dramatically by 2024. Worryingly, 79% of respondents reported that their firm has been the victim of a ransomware assault between June and December 2023. As a result, 96% of respondents believe the threat of cyberattacks to their industry would increase this year, with 71% expecting it to increase by more than 50%. 

9 out of 10 companies paid ransom 

Sixty-seven percent of respondents stated their organisation would be prepared to pay more than $3 million to retrieve data and restore business processes, while 35% were willing to pay $5 million as ransom. The study also demonstrated the need of being able to respond and recover, as 9 in 10 respondents indicated their organisation had paid a ransom in the previous two years, despite 84% claiming their company had a "do not pay" policy.

"Organisations can't control the increasing volume, frequency, or sophistication of cyberattacks such as ransomware," explained Brian Spanswick, Cohesity's chief information security officer and head of IT. "What they can control is their cyber resilience, which is the ability to respond quickly and recover. 

Expanding ransomware tactics

Since every ransomware incident is unique, the best people to determine whether or not to pay a ransom should be law enforcement or the cyber insurance provider for a company. Now, it appears that each ransomware attack is becoming more sophisticated and intense as the attack surface keeps expanding. 

Delinea, a privileged access management (PAM) company, stated in its annual State of Ransomware report that the growing quantity and frequency of ransomware assaults indicate a shift in attackers' strategy. 

According to Delinea, new tactics that use "stealth" to exfiltrate sensitive and private data have supplanted the tried and tested approaches of crippling a business and holding it hostage. For this motive, hackers usually make threats to either exploit the data to secure an attractive cyber insurance payout or sell it to the highest bidder on the darknet. 

Remember that external as well as internal sources can pose a threat to an organisation's cybersecurity. 90% of respondents stated insider threats are more or equally difficult to identify and avoid than external attacks, as the Securonix 2024 Insider Threat Report attests.
Share it:

Business Security

Cyber Security

Data Backup

Ransomware attack

Threat Landscape