Cyber criminals only honour half of ransomware payments
Victims still don't get files decrypted after sending money, says new report


Paying money to cyber criminals following a ransomware attack is no guarantee that files will be decrypted, according to a new report.
Imperva's CyberEdge Group's fifth annual Cyberthreat Defense Report found that 55% of respondents were compromised by ransomware in 2017, down from 61% in 2016. However, when infected by ransomware, out of the companies that paid the ransomware, 49% recovered their data while 51% lost their data.
The research questioned 1,200 IT security decision makers and practitioners from 17 countries and 19 industries. It found that out of the companies that refused to pay the ransom, 87% recovered their data, 13% lost their data.
"Just over half of the survey respondents admitted that following a ransomware infection they still lost their data even though they paid the fine," said Terry Ray, CTO at Imperva.
"This highlights the reality that there is no guarantee a company will get their data back if they pay the ransom. Companies therefore need to stop ransomware attacks from the very beginning, before the encryption of data takes place. The best way to prevent an attack is to immediately detect ransomware file access behaviours before the ransomware spreads across the network and encrypts file servers. Once detected, you can quarantine impacted users, devices and systems."
The report also revealed that for the first time in five years, the percentage of organisations affected by a successful cyber attack decreased, dropping from 79% in 2016 to 77% in 2017. Furthermore, the number of organisations victimised by six or more successful attacks fell from 33% in 2016 to 27% in 2017.
Respondents also highlighted an IT security skills deficit. For the first time in five years, lack of skilled personnel outdid low security awareness among employees as IT security's greatest inhibitor to success. In 2018, four in five organisations are experiencing an IT security skills shortage.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
"The security skills shortage is well-documented so this isn't a surprise. However, to help overcome deficiencies in their human teams, organisations can bolster their cyber defences and bridge the skills gap using machine learning (ML) and artificial intelligence (AI). ML software can perform preventative and analytical security processes and can detect threats at a much greater speed than humans, helping to prevent attacks," said Ray.
Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.
-
Small businesses are ‘flying blind’ on carbon emissions and struggling to track sustainability goals
News Research from Wasabi shows small businesses are struggling to keep track of carbon emissions, and a key factor lies in the poor reporting from tech vendors.
-
Gestion du cloud avancée : Qu'est-ce que StreamOne® et comment la plateforme peut-elle représenter un avantage pour votre entreprise, aujourd'hui et dans le futur?
Sponsored Ne vous contentez pas d'acheter le cloud, maîtrisez-le. La plateforme StreamOne® de TD SYNNEX offre une puissante approche écosystème de la gestion avancée du cloud, dépassant largement les limites d'une marketplace classique...
-
Everything we know about the Ingram Micro cyber attack so far
News A cyber attack on Ingram Micro severely disrupted operations and has been claimed by the SafePay ransomware group.
-
A prolific ransomware group says it’s shutting down and giving out free decryption keys to victims – but cyber experts warn it's not exactly a 'gesture of goodwill'
News The Hunters International ransomware group is rebranding and switching tactics
-
Swiss government data published following supply chain attack – here’s what we know about the culprits
News Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackers
News While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker group
News An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabs
News An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operators
News A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attack
News A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector