Just in time for Anti-Ransomware Day 2022, Kaspersky released a new report, “How business executives perceive ransomware threat,” revealing that most of those whose business had previously been attacked by ransomware would choose to pay a ransom if faced with another attack.
According to the report, among organizations that have yet to be victimized, 67% would be willing, though tentative, to pay. Despite ransomware being a significant threat, the results suggest that executives at most of the companies (64%) that had already suffered an attack see paying the ransom as a reliable way of addressing the issue.
Companies that had previously been attacked and paid a ransom also believed that it is the most effective way to get their data back, with 97% of them willing to pay a ransom again in another attack.
The study suggests that the willingness of companies to pay a ransom during a ransomware attack may be attributed to a couple of factors: having little awareness of how to respond to such threats, or preferring not to waste precious time restoring data, as businesses can lose more money waiting for data restoration than they would by paying the ransom.
With more and more businesses going digital nowadays, ransomware undoubtedly remains a real cybersecurity threat. 64% of companies admitted to having experienced such an incident, and 66% anticipate that an attack on their business will happen at some stage, viewing ransomware as more likely to happen than other common attack types, such as DDoS, APT, cyber-espionage and others.
Paying ransom encourages cybercriminals to attack again
“Because it’s about the business’ continuity, executives are forced to make tough decisions about paying the ransom. Giving money to criminals is never recommended though, as this doesn’t guarantee that the encrypted data will be returned and it encourages these cybercriminals to do it again,” explained Sergey Martsynkyan, VP, Corporate Product Marketing at Kaspersky.
To provide insight and spread more information on addressing this issue, which affects businesses worldwide, Kaspersky recommends the following key steps to boost protection against ransomware:
- Always keep software updated on all your devices to prevent attackers from exploiting vulnerabilities and infiltrating your network.
- Focus your defense strategy on detecting lateral movements and data exfiltration to the internet. Pay special attention to outgoing traffic to detect cybercriminals’ connections to your network.
- Set up offline backups that intruders won’t be able to tamper with. Make sure you can quickly access them in the event of an emergency.
- Enable ransomware protection for all endpoints. Kaspersky Anti-Ransomware Tool for Business is a free tool that shields computers and servers from ransomware and other types of malware, preventing exploits. It is compatible with already installed security solutions.
- If you’re an enterprise company, use anti-APT and EDR solutions for advanced threat discovery and detection, investigation and timely remediation of incidents, and access to the latest threat intelligence. Use an MDR provider to help effectively hunt advanced ransomware attacks. All of this is available with Kaspersky Expert Security.
- If you become a victim, never pay the ransom. It won’t guarantee you get your data back, but it will encourage criminals to continue their business. Instead, report the incident to your local law enforcement agency. You can find a decryptor at https://www.nomoreransom.org.
Those interested in Kaspersky’s full report, “How business executives perceive ransomware threat,” can download it here.