A new Kaspersky report found that more than half of organisations are willing to pay if they became victims of ransomware and most of them would pay a second time if attacked again.
According to “How business executives perceive ransomware threat”, a report by the cybersecurity and digital privacy company, 88% of organisations previously attacked by ransomware would choose to pay the ransom if attacked again.
67% of those who have not yet fallen victim to ransomware say they would be willing to pay and only 15% of them would do so immediately.
Business leaders within organisations that have previously paid a ransom seem to believe that this is the most effective way to get their data back. 97% of them are willing to do it again.
Kaspersky attributes this to lack of awareness of how to respond to ransomware.
Ransomware has become a serious threat to corporations with new samples regularly emerging and APT groups using it in advanced attacks. Even an accidental infection can cause problems for a company.
And because it’s about the business’ continuity, executives are forced to make tough decisions about paying the ransom. Giving money to criminals is never recommended though, as this doesn’t guarantee that the encrypted data will be returned and it encourages these cybercriminals to do it again.
At Kaspersky, we are working hard to help the business community avoid such outcomes. It is important for companies to follow basic security principles and look into reliable security solutions to minimise the risk of a ransomware incident. On Anti-Ransomware Day, it is worth remembering these practices
Kaspersky Corporate Product VP, Sergey Martsynkyan.
Want to protect your organisation from ransomware? Here are some recommendations from Kaspersky :
- Always keep software updated on all your devices to prevent attackers from exploiting vulnerabilities and infiltrating your network.
- Focus your defense strategy on detecting lateral movements and data exfiltration to the internet. Pay special attention to outgoing traffic to detect cybercriminals’ connections to your network.
- Set up offline backups that intruders won’t be able to tamper with. Make sure you can quickly access them in the event of an emergency.
- Enable ransomware protection for all endpoints. Kaspersky Anti-Ransomware Tool for Business is a free tool that shields computers and servers from ransomware, along with other types of malware, preventing exploits. It is compatible with already installed security solutions.
- If you’re an enterprise company, use anti-APT and EDR solutions for advanced threat discovery and detection, investigation and timely remediation of incidents, and access to the latest threat intelligence. Use an MDR provider to help effectively hunt advanced ransomware attacks. All of this is available with Kaspersky Expert Security.
- If you become a victim, never pay the ransom. It won’t guarantee you get your data back but it will encourage criminals to continue their business. Instead, report the incident to your local law enforcement agency. You can find a decryptor at https://www.nomoreransom.org.
The full report, “How business executives perceive ransomware threat” is available for download here.
