Paying a ransom does not always work out the way businesses hope it will, according to an insurer’s survey. Of those businesses that did pay, 43pc still had to rebuild their systems, even though they received a recovery key from the hackers. Nearly three in ten (29pc) who paid a ransom demand still had data leaked, and a quarter (26pc) felt that the attack had a significant financial impact by threatening the solvency and viability of their business.
Sectors that were forced to pay a ransom were those with ‘just-in-time’ supply chains: food and drink (62pc), manufacturing (51pc) and leisure (50pc). A good third (36pc) of companies that paid a ransom to criminals went on to be targeted for a second time, while four in ten (41pc) of those that paid ransom demands failed to recover all their data.
The survey suggests that the frequency of cyber attacks has increased by 12pc year-on-year, with nearly half (48pc) of businesses suffering an attack in the past 12 months. Of those attacked, 19pc were victims of ransomware, compared to 16pc in the previous year. As for the point of entry, the number one route (62pc) for infiltrating businesses in a ransomware attack is phishing. This was followed by entry using credential theft (44pc), a third-party supplier (40pc), an unpatched server (28pc), and brute-forced credentials, such as password guessing (17pc).
Gareth Wharton, Hiscox Cyber CEO, said: “Ransomware is still the most prevalent and damaging form of cyber attack and it is not uncommon for a company to be hit multiple times. Even if a business owner makes the decision to pay the ransom, often they cannot fully restore their systems or prevent a data breach. That is why it is vital that businesses take the necessary steps to protect their data and systems against a cyber attack, making it harder for cyber criminals to gain entry to their systems by keeping software up to date, running regular in-house training, and frequently backing up data.
“Our report shows that investing in building robust cyber defences and preparing an effective response for an attack are more effective than paying cyber criminals. It is revealing that more than a quarter (26pc) of businesses we surveyed paid a ransom in the hope of recovering their data because they did not have any back-ups, when regular and robust back-up processes can be one of the most effective ways of mitigating the impact of a ransomware attack.”
About the survey
Hiscox commissioned Forrester Consulting to gather information about businesses’ cyber activities and readiness; 5,181 people responsible for their company’s cyber security strategy were surveyed (over 900 each from the USA, UK, France and Germany; more than 400 each from Belgium, Spain and the Netherlands; and more than 200 from the Republic of Ireland). Respondents completed the online survey between November 2021 and January 2022.
Andy Norton, European Cyber Risk Officer at Armis, said: “Serial bank robber Willie Sutton was once asked by the FBI why he robbed banks. Sutton famously replied, ‘because that’s where the money is.’ Nothing has changed. The motivation for criminals is to make money; extorting money from holding data hostage is the fundamental driver behind ransomware attacks. You only have to be connected to the internet in order to be an opportunistic target for criminals, and even more so when ordinary people in their thousands or millions rely on these organisations for their services. Take the healthcare industry for example: if leaders of these organisations don’t understand that cybersecurity is becoming a critical part of patient care and start adjusting their security practices accordingly to boost security posture, it puts them at enormous risk to continuously be attacked by ransomware gangs.”
And Sam Curry, chief security officer at Cybereason, described ransomware as preventable: “Ransomware is a clear and present danger to all organisations. No one can pay their way out of the problem, and there isn’t enough cyber insurance to save an organisation from business operation disruptions and proprietary data loss. The findings in the Hiscox Cyber Report should be a wake-up call to all organisations to improve their security readiness, but until ransom payments are outlawed entirely, or organisations stop paying, the annual global ransomware economy will continue to exceed $3 billion.”