Why Paying The Ransom Is Still The Most Common Response To A Ransomware Attack?

By   ISBuzz Team
Writer , Information Security Buzz | Sep 27, 2022 07:02 am PST

According to new data from Databarracks, 44% of the organizations who experienced a ransomware assault paid the demanded ransom. 22% made use of ransomware decryption software, while 34% restored data from backups.

The Databarracks 2022 Data Health Check produced the results. The annual report has been collecting data on ransomware, cyber, backup, disaster recovery, and business continuity from more than 400 UK IT decision-makers since 2008.

According to James Watts, managing director of Databarracks, “From the victim’s standpoint, it’s logical why you may pay a ransom. You are unable to handle orders or provide customer support, and losses mount swiftly. Downtime expenses can easily surpass the ransom.

“Organisations may believe that paying the ransom will solve the issue more quickly, allowing them to resume operations as usual. This strategy is faulty for a number of causes.

“First of all, there is no assurance that your data will be returned. Second, once criminals know an organization is an easy target, they frequently attack it again. Finally, it conveys the incorrect message. By paying, you are assisting the crooks by demonstrating that their strategies are effective.

“However, with the appropriate planning and direction, you may restore your data and avoid paying the ransom.

Maintain the concept of least privilege, train personnel to recognize phishing emails, and patch and upgrade systems often.

Backups will be shielded from being altered or encrypted by immutable storage and physical or logical air gaps. Your backups are your last line of defense if you are attacked.

Find your most recent, clean recovery point when you need to recover, then do isolated, sandbox recoveries. Before beginning the complete restoration, check sure there are no more instances of ransomware. Finally, test your disaster recovery plan to ensure you understand the procedure and are confident in your ability to recover fast and successfully.

The survey this year revealed that an increasing proportion of organizations have a policy stating whether they would pay a ransom in the event of a ransomware attack. A policy was in place in 68% of organizations, up from 54% the year before. The research shows that people are becoming more aware of and more prepared for ransomware assaults.