Most businesses give in to ransomware attacks and pay out

Ransomware
(Image credit: Pixabay)

Despite cybersecurity experts and law enforcement agencies warning against yielding to ransom demands, most organizations still paid their way out on at least one occasion.

As per the 2023 Global Cyber Confidence Index from network detection and response (NDR) firm ExtraHop, of all the organizations that suffered a ransomware attack, 83% admitted to paying the perpetrators at least once.

At the same time, the number of attacks has risen dramatically in recent years. ExtraHop says that in 2021, an average company reported suffering four attacks in five years; last year, however, it was four attacks in just one year. The researchers said this was made possible, among other things, due to significant security debt.

Drowning in security debt

In fact, organizations are “drowning” in unaddressed security vulnerabilities such as unpatched software, unmanaged devices, shadow IT, insecure network protocols, and similar. 

More than three-quarters (77%) of IT decision-makers said outdated cybersecurity practices were to blame for at least half of the incidents they experienced, but at the same time, fewer than a third said they would be addressing these problems immediately.

Virtually all (98%) are running at least one insecure network protocol, up 6% year-on-year. SMBv1, a protocol that “played a significant role” in WannaCry and NotPetya, is in use by more than three-quarters (77%) of firms today. 

In addition, 53% of firms are running critical devices that can be accessed and controlled from a remote location, while 47% have some critical devices exposed to the public internet.

“As organizations find themselves overburdened by staffing shortages and shrinking budgets, it’s no surprise that IT and security teams have deprioritized some of the basic cybersecurity necessities that may seem a bit more mundane or expendable,” said Mark Bowling, ExtraHop's Chief Risk, Security and Information Security Officer. 

"The probability of a ransomware attack is inversely proportional to the amount of unmitigated surface attack area, which is one example of cybersecurity debt. The liabilities, and, ultimately, financial damages that result from this deprioritization compounds cybersecurity debt and opens organizations up to even more risk." 

"Greater visibility into the network with an NDR solution can help reveal the cyber truth and shine a light on the most pressing vulnerabilities so they can better take control of their cybersecurity debt."

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Bad news - businesses who pay ransomware attackers aren’t very likely to get their data back
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Less than half of ransomware incidents end in payment - but you should still be on your guard
A computer being guarded by cybersecurity.
The impact of the cyber insurance industry in resilience against ransomware
Representational image of a cybercriminal
Should ransomware payments be illegal?
Security padlock in circuit board, digital encryption concept
Rising cost of breaches forces organizations to rethink cybersecurity
Concept art representing cybersecurity principles
How to combat exfiltration-based extortion attacks
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
Millwall FC The Den
The UK's first football club mobile network is here - but you probably won't guess which team has launched it
The Witcher 4
You're probably not playing The Witcher 4 until 2027 at the earliest, per CD Projekt's latest financial update
Apple iPhone 16 Pro REVIEW
The iPhone 17 Air looks impressively slim in this new comparison image, but that just makes me more worried about the specs
Matt Murdock smiling in Daredevil: Born Again episode 5 and Kamala Khan looking stunned in The Marvels
Daredevil: Born Again episode 5 just revealed what Kamala Khan has been up to since The Marvels, and now I'm more excited for the next superhero team to appear in the MCU
Google Pixel Watch 3, 41mm and 45mm
Google says it will fix broken Wear OS 5.1 update, but why does this keep happening?
DeepSeek
DeepSeek’s new AI is smarter, faster, cheaper, and a real rival to OpenAI's models