Over a quarter of organizations that have been paralyzed by ransomware attacks choose to pay the ransom. They do this because they don’t have any other options than to accept the demands of the criminals targeting them. The average ransom amount is now more than 1 million dollars.
A study by Crowdstrike collected responses from thousands of IT security pros and decision-makers worldwide. The findings show that 27% said that the organization paid a ransom after their network got frozen by ransomware.
Law enforcement agencies do not like it when people opt to pay instead of reporting to the police.
A quick and easy fix
Many businesses see the option of making a payment to get the decryption key as the easiest and fastest way to get their network back and functional. Paying the Bitcoin ransom encourages the gangs to continue attacking because there is profit potential.
There are usually no guarantees that the criminals will even restore the network if organizations pay.
Infecting corporate networks is proving to be profitable for cybercriminals, with figures in the Crowdstrike report showing an average $1.1 million ransom amount paid per attack. Not only will the company have no guarantees, but they will also lose money because of downtime effects.
Some learn, and others don’t
Falling victim to an attack can be a reminder to many of the victims. 3 out of 4 who have been attacked reported that they upgraded their security measures and infrastructure in the event of a future attack.
It is unclear why almost 1 out of 4 victims do not plan to change anything in their security plans. When they leave the door open, they are putting themselves at risk of becoming a victim again if future attacks are successful.
Tip: Cybercrime becomes more sophisticated: ‘we can’t continue like this.’