Most business leaders say they would just pay up if hit by a cyberattack

By Sead Fadilpašić
published

They just want their data back, and will happily pay up

ID theft
(Image credit: Future)

If hit by a ransomware (opens in new tab) attack, nearly all business leaders say they would just pay the ransom just to get their data back as soon as possible.

A report from Kaspersky surveying 900 respondents across the world, working in senior non-IT management roles (CEOs, VPs, Directors) found that among previous ransomware victims, 88% of respondents would choose to pay the ransom, rising up to 97% among those who paid the ransom already before.

At the same time, just two-thirds (67%) of those who hadn’t been targeted by ransomware in the past, would pay up. 

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab)

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.

Common occurrence

Companies that were targeted in the past didn’t demonstrate much patience, either. A third (33%) would pay the ransom demand as soon as possible (compared to 15% of non-victims), with another third (30%) doing so after only a few days, and a few unsuccessful attempts at decryption (compared to 19% of non-victims). 

Ransomware is an extremely widespread type of cyberattack. Almost two-thirds (64%) experienced such an attack in the past, and 66% expect it to happen sooner, rather than later. What’s more, the respondents see ransomware attacks as more likely to happen than DDoS attacks, cryptomining, or APT.

Security researchers, and law enforcement alike, are urging organizations not to pay the ransom. Not only is that no guarantee they’ll get their data back, but it also incentivizes threat actors to continue attacking. Many firms get attacked multiple times - sometimes by the same threat actors, sometimes by different groups.

Read more

> Most ransomware victims pay up, but many never recover their data (opens in new tab)

> Ransomware – a burgeoning geopolitical weapon? (opens in new tab)

> Costa Rica says it's 'at war' with Conti ransomware (opens in new tab)

Instead, businesses should focus on prevention (employee training, multi-factor authentication mandate, zero-trust network access, firewalls (opens in new tab), antivirus solutions (opens in new tab), updating software on all endpoints, etc.), and frequently refreshed backups. 

Ever since the attacks against Colonial Pipeline, and JBS, ransomware has been classified as a threat to national security in some countries. 

Sead Fadilpašić
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

See more Computing news