New Study Finds That Paying Off Your Ransomware Attackers Has Some Severe Consequences

We know, we know; you’re probably sick of seeing ransomware in headlines, and so are we, but we cannot stress enough how important having an awareness of it is for any business owner. A new study has found that businesses infected by ransomware who choose to pay up experience a different type of fallout--one that is a major cause for concern and a stark reminder that there are no guarantees with ransomware. Ever.

A Cybereason survey, conducted by Censuswide, polled 1,263 security professionals from all over the world and discovered some concerning results. Here are some of the major takeaways, specifically related to companies that paid their ransomware attackers:

• 80% of organizations that paid their ransomware attackers the ransom experienced a second attack.
• Of these organizations, 46% believe that the same hackers were responsible.
• 46% of organizations that paid the ransom found that at least some of their data was corrupted.
• 51% of organizations did not experience data loss or corruption.
• 3% were not able to retrieve their data at all.

This study confirms something that we have been preaching for years. Why should you ever trust a hacker who has encrypted and stolen your data to return it to you? It just doesn’t make sense. Furthermore, when you pay hackers to decrypt your data, you are doing two things. For one, you are inadvertently funding future ransomware attacks by providing the funding hackers need to execute such attacks. You are also showing hackers, and everyone else watching the situation, that ransomware works, which is a far more dangerous idea to foster. If cybercriminals see that these attacks work, they continue to propagate them.

Granted, we understand that it’s not always so simple; the recent rise in “double-extortion” ransomware puts a lot of pressure on organizations to pay the ransom. Hackers threaten to release the encrypted data when the ransom is not paid, potentially subjecting the company to further data privacy fines. It’s just adding insult to injury and kicking organizations when they’re down. This particular approach is devastating because even the usual method of beating ransomware--restoring a data backup--won’t stop the hackers from releasing said data. It’s a tough spot to be in.

Our recommended course of action is simple: take proactive measures against ransomware before you get infected by it, as no matter what circumstances you find yourself in post-infection, it is sure to get messy and complicated.

Preferred can equip your business with the proper security measures and tools to minimize the chance of ransomware infection. Furthermore, we can help you take appropriate action in the event that you do get infected. Don’t let hackers dictate the future of your business; give us a call at 708-781-7110.