All insights

Ransomware Poll: 80% Of Victims Don’t Pay Up

A stock image of physical bitcoins

Read the breakdown of the ransomware poll

June 16, 20212 min read

Ransomware is on the rise, but what toll does it take on the real world?

Threatpost set out to answer that question in an exclusive poll aimed at taking the pulse of organizations wrestling with attacks, including looking at mitigations and the defenses organizations have in place. When viewed against the backdrop of complementary reports from Cybereason and Group Salus, a nice picture emerges of how ransomware-related attitudes and security practices are evolving.

As ransomware attacks continue to grow in volume and sophistication – and not to mention profile, thanks to attacks like the one on Colonial Pipeline – organizations are becoming more aware of the risk. However, strategies for addressing ransomware turn out to be quite varied.

Among all 120 respondents to Threatpost’s survey, a little less than a third said they have been a victim of ransomware. In terms of victims, the leading sectors hit the hardest were tech and manufacturing (17 percent and 15 percent of respondents). The next-most-common profiles were evenly distributed among finance, healthcare and critical infrastructure.

A full 80 percent said that they didn’t pay the ransom. The top reason cited, accounting for 42 percent of responses, is that that paying the ransom doesn’t guarantee a decryption key.

That acknowledgement that cybercriminals aren’t trustworthy (go figure) dovetails with new stats out from Cybereason on Wednesday noting that paying up may actually flag victims as easy pickings. A full 80 percent of organizations that paid the ransom said they were hit by a second attack –– almost half were hit by the same threat group and one-third hit by a different one.

Meanwhile, over in the “yes, let’s pay” camp, about 5 percent of Threatpost respondents felt that paying is easier than dealing with business disruption, lost data and remediation, while another 2 percent said that cybersecurity insurance will cover any ransom and related costs.

Read more at ThreatPost

Continue reading

More perspectives

View the archive

Put insight to work

Bring the right security expertise to the next decision.

Tell us what your organization is facing. We will help define the practical next step.

Start a conversation