Some of the organisations which fall victim to ransomware attacks prefer to pay the ransom because they feel they have no other option than to give in to the pressure of cyber criminals, and as a result the average ransom amount is now over $1 million.
A CrowdStrike study based on responses from thousands of information security professionals and IT decision makers around the world found that 27 percent said their organisation had paid the ransom after their network was encrypted with ransomware.
While law enforcement agencies say organisations should never give in and pay the ransom, many businesses justify making the payment because getting the decryption key from the attackers is viewed as the quickest and easiest way to restore the network.
However, not only does paying the bitcoin ransom encourage ransomware attackers to continue their campaigns because they know they’re profitable, there’s also no guarantee that the hackers will actually restore the network fully after the ransom has been paid.
But infecting networks with ransomware is proving to be highly lucrative for cyber criminals, with figures in the report suggesting the average ransom amount paid per attack is $1.1 million.
In addition to the cost of paying the ransom, it’s also likely that an organisation which comes under a ransomware attack will lose revenue due to the loss of operations during downtime, making falling victim to these campaigns a costly endeavour.
However, falling foul of a ransomware attack does serve as a wake-up call for the majority of victims; over three-quarters of respondents to the survey say that in the wake of a successful ransomware attack, their organisation upgraded its security software and infrastructure so as to reduce the risk of future attacks, while two-thirds made changes to their staff with the same purpose in mind.
It’s unclear why almost a quarter of those who fall victim to ransomware attacks don’t decide to make any changes to their cybersecurity plans, but by leaving things unchanged, they’re likely putting themselves at risk of falling victim to future attacks.
That’s especially the case during 2020, which has brought additional cybersecurity vulnerabilities to organisations because of the rise in people working from home due to the coronavirus pandemic.
In a remote working situation the attack surface has increased many times over and security can’t be a secondary business priority, said the Chief Technology Officer for EMEA at CrowdStrike.
To avoid falling victim to ransomware attacks, it’s recommended that organisations make sure that systems are updated with the latest security patches, something which may prevent cyber criminals taking advantage of known vulnerabilities to deliver ransomware.
It’s also recommended that two-factor authentication is deployed throughout the organisation, so that in the event of criminal hackers breaching the perimeter, it’s harder for them to move laterally around the network and compromise more of it with ransomware or any other kind of malware.