Last year, a record 71% of organizations suffered from successful ransomware attacks, compared with 55% in 2017. In 63% of cases, companies paid the ransom demanded by criminals (compared to 39% in 2017). There are several reasons why more and more organizations, such as Colonial Pipeline, CNA Financial and JBS Holdings, are now paying ransoms.
Firstly, there is the threat that stolen data will be disclosed. Most modern ransomware attacks not only encrypt compromised data but also steal it. Failure to pay the ransom may lead to the public disclosure of highly confidential data.
Secondly, many organizations come to the conclusion that paying a ransom is much cheaper than the high costs of system downtime, customer service failures and potential lawsuits related to the disclosure of confidential data.
Thirdly, increased confidence in the successful recovery of data is often taken into account when deciding on the payment of a ransom, experts from the CyberEdge Group noted. 72% of victims who paid a ransom recovered their data in 2021, up from 49% in 2017.
“Nowadays, becoming a victim of ransomware is more a matter of ‘when’ than ‘if’. Deciding whether to pay the ransom is not easy. But if companies plan ahead and carefully, the decision can be made long before the attack of ransomware. At the very least, there should be a decision-making system so that precious time is not wasted as the deadline for paying the ransom approaches,” explained Steve Piper, CEO of CyberEdge Group.