Despite all of the ransomware educational campaigns that have been organized in recent months, half of the victims still meet the ransom demand. That number is incredibly disconcerting, as meeting the ransom demand is no guarantee to have file access restored. A new report by the Ponemon Industry shows the world remains unaware of how ransomware works, by the look of things.
Ransomware Demands Should Never Be Paid
The recent Ponemon Institute report indicates how 48% of all ransomware infections lead to a successful payment to the criminals. That is a very worrisome number, especially when considering how everyone should be aware of how paying the amount is not the right way to go. Instead, it will only lead to financial losses and no guarantee of seeing file access being restored.
To make matters even worse, the average ransom paid was close to US$2,500. Nearly one in ten respondents indicated they paid over US$10,000 to get rid of the ransomware. Albeit all of these payments have had the desired result, these amounts are mind-boggling, to say the least. Criminals only need to infect a few high-profile targets to get their average monthly wages at this rate. It is evident company data is very important to more enterprises and they will go to great lengths to ensure no harm is done.
As one would come to expect, most of these ransomware attacks stem forth from phishing and social engineering attacks. One in three ransomware infections is a direct result of someone visiting a spoofed website, Criminals remain rather creative when it comes to infecting enterprises with malicious software these days. Unfortunately, this report also seems to indicate 2016 was only the beginning for ransomware attacks, and efforts will be stepped up during 2017 and beyond.
Considering how nearly one ransomware infections goes by unnoticed every month, it is clear a lot of work still has to be done. Crypto ransomware remains the most popular type of malware to distribute, although there is an increase in locker ransomware infections as well. In most cases, victims are only given two days or less to pay the ransom, which usually has to occur through a Bitcoin payment.
Although the amounts paid to get rid of a ransomware infection may seem steep, the real cost comes in the form of having to invest in new security defenses. Additionally, there is the loss of revenue during such an attack, which can even result in a loss of customers. Ransomware and other types of malware are a nasty business, yet it seems meeting the Bitcoin demand is the cheapest way to restore file access.
One final thing to keep in mind is how close to half of all ransomware attacks are not even reported to law enforcement agencies. Enterprises are concerned over the public scrutiny this brings to the company. Unfortunately, this also means it is far more difficult to identify the people responsible for these types of attacks.
Header image courtesy of Shutterstock