Most business leaders say they would just pay up if hit by a cyberattack

ID theft
Image credit: Pixabay (Image credit: Future)

If hit by a ransomware attack, nearly all business leaders say they would just pay the ransom just to get their data back as soon as possible.

A report from Kaspersky surveying 900 respondents across the world, working in senior non-IT management roles (CEOs, VPs, Directors) found that among previous ransomware victims, 88% of respondents would choose to pay the ransom, rising up to 97% among those who paid the ransom already before.

At the same time, just two-thirds (67%) of those who hadn’t been targeted by ransomware in the past, would pay up. 

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022end of this survey

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

Common occurrence

Companies that were targeted in the past didn’t demonstrate much patience, either. A third (33%) would pay the ransom demand as soon as possible (compared to 15% of non-victims), with another third (30%) doing so after only a few days, and a few unsuccessful attempts at decryption (compared to 19% of non-victims). 

Ransomware is an extremely widespread type of cyberattack. Almost two-thirds (64%) experienced such an attack in the past, and 66% expect it to happen sooner, rather than later. What’s more, the respondents see ransomware attacks as more likely to happen than DDoS attacks, cryptomining, or APT.

Security researchers, and law enforcement alike, are urging organizations not to pay the ransom. Not only is that no guarantee they’ll get their data back, but it also incentivizes threat actors to continue attacking. Many firms get attacked multiple times - sometimes by the same threat actors, sometimes by different groups.

Instead, businesses should focus on prevention (employee training, multi-factor authentication mandate, zero-trust network access, firewalls, antivirus solutions, updating software on all endpoints, etc.), and frequently refreshed backups. 

Ever since the attacks against Colonial Pipeline, and JBS, ransomware has been classified as a threat to national security in some countries. 

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Bad news - businesses who pay ransomware attackers aren’t very likely to get their data back
Representational image of a cybercriminal
Should ransomware payments be illegal?
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
Less than half of ransomware incidents end in payment - but you should still be on your guard
A computer being guarded by cybersecurity.
The impact of the cyber insurance industry in resilience against ransomware
Hack The Box crisis simulation event
“Everyone will experience a hack” - how incident response can protect your organization
Concept art representing cybersecurity principles
How to combat exfiltration-based extortion attacks
Latest in Security
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Latest in News
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over