9 in 10 organizations would make ransomware payments again if targeted

Ransomware payments continue to see an increase as cybercriminals realize that most businesses are now willing to pay a lot more to get back their data. While the cost of data breaches continues to fluctuate depending on the value of the date, ransomware payments are increasing, especially with most businesses realizing their reputation is at stake.

In fact, one of the biggest ransomware payments ever made was in 2021 when a US insurance company reportedly paid hackers US$ 40 million in ransom to get back their data after a cyberattack. With a company’s reputation on the line, many are even willing to negotiate with cybercriminals on the ransomware amount.

According to Kaspersky’s How business executives perceive ransomware threat report, 88% of organizations that have previously experienced a ransomware attack would choose to pay a ransom if faced with another attack. Across organizations that have yet to be victimized, only 67% would be willing to pay, and they would be less inclined to do so immediately.

While ransomware remains a prominent threat, with two-thirds (64%) of companies already having suffered an attack, ransomware payment seems to be perceived by executives as a reliable way of addressing the issue.

The report showed that an organization is also more inclined to pay as soon as possible to get immediate access to their data (33% of previously attacked companies versus 15% of companies that have never been victimized), or to pay after only a couple of days of unsuccessful decrypting attempts (30% vs. 19%).

Business leaders within organizations that have previously paid a ransom seem to believe that this is the most effective way to get their data back with 97% of them willing to do this again.

ransomware payments

(Source – Kaspersky)

But this should not be the standard practice for organizations.

This willingness for companies to pay could be attributed to having little awareness of how to respond to such threats, or to the length of time it takes to restore data, as businesses can lose more money waiting for data restorations than they would pay the ransom.

For cybercriminals, if they are aware that organizations are willing to make ransomware payments when breached, it will only encourage them to launch more attacks and even target the same organization. 66% of organizations anticipate that an attack on their business will happen at some stage, viewing it as more likely than other common attack types, such as DDoS, supply-chain, APT, crypto mining, or cyber-espionage.

“Ransomware has become a serious threat to corporations with new samples regularly emerging and APT groups using it in advanced attacks. Even an accidental infection can cause problems for a company. And because it’s about business continuity, executives are forced to make tough decisions about paying the ransom. Giving money to criminals is never recommended though, as this doesn’t guarantee that the encrypted data will be returned and it encourages these cybercriminals to do it again,” commented Sergey Martsynkyan, VP, Corporate Product Marketing at Kaspersky.

As such, businesses need to ensure their organization is well secured. Cybersecurity protection may not be cheap, but it will definitely not cost as high as ransomware payments. Businesses need to increase their cybersecurity spending and not look to paying for ransomware as a solution.