IT disaster recovery, cloud computing and information security news

80 percent of organizations that paid a ransom demand were hit again

Cybereason has published results of its second annual ransomware study which set out to better understand the true impact on businesses. This global study reveals that 73 percent of organizations suffered at least one ransomware attack in 2022, compared with 55 percent in the 2021 study.

The study once again finds that ‘it doesn’t pay-to-pay’ a ransom demand, as 80 percent of organizations that paid were hit by ransomware a second time, with 68 percent saying the second attack came in less than a month and 67 percent reporting that threat actors demanded a higher ransom amount.

The report, ‘Ransomware: The True Cost to Business Study 2022’, further revealed that of the organizations who opted to pay a ransom demand in order to regain access to their encrypted systems, 54 percent reported that some or all of the data was corrupted during the recovery process, compared to 46 percent in 2021, an increase of 17 percent year-over-year.

The report says that these findings underscore why it does not pay to pay ransomware attackers, and that organizations should focus on detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy.

“Ransomware attacks are traumatic events, and when ransomware gangs attack a second, third or fourth time in a matter of weeks, it can bring an organization to its collective knees. Deploying effective anti-ransomware solutions is easier said than done, and the hackers know it. After being hit the first time by a ransomware attack, organizations need time to assess their security posture, determine what are the right tools to deploy, and then find the budget to pay for it. The ransomware gangs know this and it is the biggest reason they strike again quickly,” said Lior Div, Cybereason CEO and Co-founder.

Other key findings in the research include:

  • A weak supply chain leads to ransomware attacks: nearly two-thirds (64 percent) of companies believe the ransomware gang got into their network via one of their suppliers or business partners.
  • Senior leadership attrition: 35 percent of companies suffered C-level resignations following a ransomware attack.
  • A Matter of life and death: nearly 30 percent of companies said they paid a ransom because of the risk to human life due to system downtime.
  • Ransom demands increase with each attack: nearly 70 percent of companies paid a higher ransom demand the second time.
  • Ransomware attacks lead to business disruptions: nearly one-third (31 percent) of businesses were forced to temporarily or permanently suspend operations following a ransomware attack.
  • Layoffs result from ransomware attacks: nearly 40 percent of organizations laid off staff as a result of the attack.
  • Organizations don’t have the right tools: 60 percent of organizations admitted that ransomware gangs were in their network up to6 months before they discovered them. This points to the double extortion model where attackers first steal sensitive data then threaten to make it public if the ransom demand is not paid.

More details.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.