Triple hit firms more likely to pay ransomware attackers, survey finds
Succumbing to the demands of ransomware criminals really doesn’t pay and having cyber insurance is likely to make you even more vulnerable to attacks, according to the latest insights survey from cyber solutions vendor Barracuda Networks.
Over 40% of all firms hit by a ransomware attack three times or more paid out last year so that they could retrieve their encrypted data. Of those hit once, 31% paid the ransom, compared to 34% of those hit twice.
The survey – which explores the experience of ransomware attacks on organisations over the last 12 months – also found that almost three-quarters (73%) of respondents were hit with at least one ransomware attack in the same year.
Barracuda’s CTO, Fleming Shi, said that this number likely reflects the widespread availability of low-cost, accessible attack tools through ransomware-as-a-service offerings.
For the majority of firms (69%), malicious email, such as a phishing email designed to steal credentials to gain access to the network, was the attack of choice, followed by web applications and web traffic, which represent an area of growing risk.
Cybercriminals were also more likely to target organisations with cyber insurance (77%) compared to 65% of organisations without, in the belief, according to Barracuda, that the insurers would be willing to cover the ransom cost for a speedier recovery.
The results suggest that companies with cyber insurance were more likely to pay the ransom to retrieve data (39% v 22% of organisations without cyber insurance).
It could also be that insured firms tend to let their guard down, with the survey finding that firms affected by two or more ransomware attacks were also more likely to have cyber insurance in place (70%).
“The relatively high proportion of repeat victims suggests that security gaps are not fully addressed after the first incident,” added Shi.
“The security industry has an essential role to play in helping organisations to defend themselves against ransomware, through deep, multi-layered security technologies that include advanced email protection and backup as well as threat hunting and extended detection and response (XDR) capabilities to stop malicious activity in its tracks.”
Over a quarter (27%) of the organisations surveyed admitted they were not fully prepared to deal with a ransomware attack.
While this number might be a concern, it is an improvement from an earlier study conducted in 2019, when almost half (44%) said they were unprepared.