Ransomware: To pay or not to pay?
The global ransomware epidemic has gotten so bad there’s an attack about every eight minutes on average. And as ransom demands go up, more victims are thinking twice about paying — especially when they learn that succumbing doesn’t guarantee full data recovery. Of course some pay for another reason: The criminals also stole sensitive data and threatened to dump it online.
On average, ransompayers were able to recover just 65% of their data after paying for a decryptor key, while 29% said they got only half of the data back. That’s according to cybersecurity firm Sophos’ survey of 5,400 IT decision-makers in January and February in 30 countries.
Another recent survey provides further argument against paying. It found that 80% of businesses who paid suffered a second ransomware attack; nearly half said they thought it was the same criminals. The April survey of nearly 1,300 cybersecurity pros in seven countries for the firm Cybereason detailed a world of hurt. One in three organizations saw senior executives depart as a result of a ransomware attack, 29% suffered layoffs and 26% shut down entirely.