A recent study shows that paying a ransom to recover your data intact is not the solution. Worse, 78% of victims who paid had to go back to the checkout.
Nearly 80% of organizations that succumbed to blackmail by hackers into paying a ransom experienced a second ransomware attack, often by the same criminal group. This is the alarming observation drawn up by the study Ransomware: The Cost to Business Study 2024 published by Cybereason.
This real vicious circle proves that paying the ransom does not end the problem, quite the contrary. This incentivizes cybercriminals to increase attacks because they know that organizations are willing to give in to their demands.
Ransomware in numbers
The figures revealed by this study are alarming. 78% of organizations that gave in to a ransom experienced another ransomware attack, often from the same attacker.
Of the 78% who experienced a second intrusion, 36% were victims of the same malicious actor and 42% of another. More than half (63%) of these organizations paid more the second time around. Over the past two years, 56% of organizations have been hit by multiple ransomware attacks. The study, which surveyed more than 1,000 cybersecurity experts, showed that 84% of organizations agreed to pay a ransom after being hacked.
Only 47% of them found their data and services intact, which shows that paying is not always the solution, far from it. Despite this danger, only 41% of organizations believe they have the right people and the right plan to deal with the next attack.
Finally, although almost all respondents have cyber insurance, only 40% are certain that a ransomware attack would be covered.
How much does ransomware cost?
In February 2024, a study by cybersecurity company Arctic Wolf assessed the cost of these attacks for businesses. Following a ransomware attack, almost half (46%) of victims estimate the damage to their business between $1 million and $10 million, with 16% reporting losses of more than $10 million. dollars.
Among the countries studied, American companies received the highest ransom demand, with an average of $1.4 million. They are followed by France ($1 million), Germany ($762,000) and the United Kingdom ($423,000).
The study also showed that initial ransomware requests had a median value of $600,000 in 2023, an increase of 20% compared to the previous year.
How to choose the best VPN in 2024? Clubic has tested and compared the performance and security level of the best providers on the market. Find out which is the best Virtual Private Network to secure your Internet connection.
Read more
Hackers who know how to move with the times
While businesses are developing strategies to protect themselves from attacks, hackers are trying to stay one step ahead with a trend toward more sophisticated ransomware attacks, ” slow and silent », which aim to compromise the targeted network as much as possible to obtain the highest ransom. More than half (56%) of cybersecurity experts reported that their organization had not spotted an intrusion for 3 to 12 months.
The most common technique used by ransomware perpetrators to penetrate organizational systems was a supply chain attack (41%). This is followed by 24% of people who entered directly and 22% who accessed victims’ networks with the complicity of an insider.
Researchers have also observed that ransomware authors become more efficient thanks to the generative AI tools they use. These technologies are mostly used to create more credible social engineering messages and translate them effectively into any language.
Paying does not guarantee security
Greg Day, Vice President and Global Head of Security
at Cybereason, said there were many problems with paying the ransoms. “ There is no guarantee that attackers will not sell your data on the black market, that you will recover all of your files and systems, or that you will not be attacked again “, he stressed.
The study shows that businesses lack adequate strategies to combat ransomware, hampering their ability to recover from an incident.
“ They lack either a documented plan or the right people to execute it. As a result, we see that many organizations pay the ransom “, he continued.
2024 is already shaping up to be the year of all dangers in terms of cyber threats. Only the most reliable antivirus security suites are capable of truly effective protection across all platforms. Handpicked, here are the best antiviruses in February 2024.
Read more
Sources: Infosecurity Magazine, Cybereason, Arctic Wolf
Ex-corporate journalist, the world of the web, networks, connected machines and everything that is written on the Internet whets my appetite. From the latest TikTok trend to the most liked reels, I come from the Facebook generation that still fascinates the internal war between Mac and PC. As a wise woman, the Internet, its tools, practices and regulation are among my favorite hobbies (that, lineart, knitting and bad jokes). My motto: to try it is to adopt it, but in complete safety.
Read other articles
6