(yet) another reason Why paying ransomware demands hurts. (The FBI agrees)

1 Jul 2021 | News, Security

Recently, we asked the question if organisations should pay ransomware demands. There is the balance between desperation and the uneasy knowledge that you might be funding further criminal attacks on the community.

We’ve just read a paper that tells us that it also makes you more likely to be subject to another attack. .

 

The authors of the paper, Cybereason, are trying to sell their service, so you might well think it is a little self-serving of them to come to this conclusion, but in this case, we think they are right. It makes sense, and the data they present is compelling.

Their paper tells us that 80% of organisations that pay a ransom are attacked again, often by the same criminals. These ransoms are crippling once, let alone twice.

One statistic that jumped out at me was the comment that 50% of law firms that suffered ransomware had to lay off staff to survive.

That is a little more than average which was 29% of organisations having to lay off staff after an attack, only slightly more than the number of organisations that had to shut down their operations entirely.

Another conclusion the report draws is that paying the ransom doesn’t necessarily give you back your data. In almost half the ransoms paid, the data came back infected or damaged.

Chris Wray is the director of the FBI.  Here’s what he had to say “In general, we would discourage paying the ransom because it encourages more of these attacks, and frankly, there is no guarantee whatsoever that you are going to get your data back,” Wray testified before a U.S. Senate appropriations panel.” 

The obvious conclusion is to invest in your cyber-protection, rather than paying out ransoms.  We’re committed to bringing forward pragmatic cyber-security solutions for our clients, and we will keep developing these with new services forward as the threats evolve. 

Read the Cybereason report yourself : [eBook] Ransomware: The True Cost to Business (cybereason.com)