Cybercriminals Return After Getting Ransomware Payments

More than a third (36%) of companies that paid a ransom were later targeted by cyber criminals a second time.

Source: Hiscox | Published on November 9, 2022

Christie's ransomware

According to the latest Cyber Readiness Report released by specialist insurer Hiscox, more than a third (36%) of companies that paid a ransom to cyber criminals were targeted a second time. Furthermore, more than four in ten (41%) of those who paid ransom demands to cyber criminals did not recover all of their data.

The report, which is based on the responses of over 5,000 organizations of all sizes from eight countries, indicates that the industries most likely to be forced to pay a ransom are those with ‘just-in-time’ supply chains: food and drink (62%), manufacturing (51%), and leisure (50%).

However, paying a ransom does not always go as planned for businesses. Despite receiving a recovery key from the hackers, 43% of the businesses that paid had to rebuild their systems. Surprisingly, nearly a third (29%) of those who paid a ransom demand still had data leaked, and more than a quarter (26%) felt that the attack had a significant financial impact by jeopardizing their company’s solvency and viability.

According to the report, the frequency of cyber attacks has increased by 12% year on year, with 48% of businesses experiencing an attack in the last 12 months. Ransomware affected 19% of those attacked, up from 16% the previous year. According to the Hiscox report, phishing is still the most common way for cyber hackers (62%) to successfully infiltrate businesses in a ransomware attack. This was closely followed by access via credential theft (44%), a third-party supplier (40%), an unpatched server (28%), and brute force credentials (17%).

“Ransomware is still the most prevalent and damaging form of cyber attack,” said Gareth Wharton, CEO of Hiscox Cyber. “It is not uncommon for a company to be hit multiple times.” Even if a business owner decides to pay the ransom, they may not be able to fully restore their systems or prevent a data breach. That is why it is critical that businesses take the necessary precautions to protect their data and systems from a cyber attack, such as keeping software up to date, conducting regular in-house training, and frequently backing up data.

“Our report demonstrates that investing in strong cyber defenses and planning an effective response to an attack is more effective than paying cyber criminals.” More than a quarter (26%) of the businesses we surveyed paid a ransom in the hope of recovering their data because they did not have any backups, despite the fact that regular and robust backup processes can be one of the most effective ways of mitigating the impact of a ransomware attack.”