Even though cyber security experts around the globe (including FBI experts) are saying that victims of ransomware should not pay the ransom, statistics of 2016 reveal that 48% of businesses that were hit by a ransomware paid the ransom. Amount of money paid as ransom is shocking: average payment was $2,500 and 7% of businesses that participated in the research revealed that they had paid more than $10,000.
As speaking of businesses, ransomware attacks usually are result of just one employee that did something wrong and infected all network of computers located in the company. That means one mistake by one person can cost lots of money to the business. You can say that educating employees about cyber security threats is a must now.
This recent research included 618 respondents, majority of them – IT contractors, managers and business owners. Unfortunately, only a few respondents were able to say that they are confident about IT security and ransomware attacks are not a really big deal for them. 2016 was a rough year in terms of ransomware attacks and as expected 2017 is going to be even worse.
An average of one or more ransomware infections go undetected per month and are able to bypass their organization’s IPS and/or AV systems, according to 44 percent of respondents
Most of victims experienced attacks of crypto and locker ransomware, 80% and 20% respectively. Moreover, most of them noticed that they were given a time limit to pay the ransom. It’s a wise trick by cyber criminals to push victims to make the payment without thinking about other alternatives.
And the ransom payment or/and data loss is not even the worst part of being hit by a ransomware as a business. Downtime of the website and denied access to operate the business cost much more than the actual ransom.
Another problem is refusal to report ransomware attacks. Victims of ransomware usually think that this crime is not very important, thus there is no need to report it to the police or are afraid of repeated attacks. Nonetheless, every ransomware attack should be reported, doesn’t matter if you are a personal user or representative of a business.
The ultimate way to protect your system from a ransomware is to have full back-up of all data and all systems on external storage. 52% of respondents that refused to pay the ransom had an active back-up and were able to restore the system.