Ransomware Payments Invite More Attacks

Posted by
Jun 30, 2022
Reviewed by
Jan 16, 2024
min. read
Table of Contents

Federal law enforcement officials and cybersecurity experts agree that organizations targeted by ransomware shouldn’t pay their attackers. In its 2020 ransomware guide, the Cybersecurity and Infrastructure Security Agency says that paying ransoms doesn’t guarantee that your data will be decrypted or that your system is not still compromised.

A new ransomware report from Cybereason offers another reason. A survey of more than 1,400 cybersecurity professionals found that 80 percent of organizations who paid a ransom demand after a successful cyberattack experienced a second attack, sometimes less than a month later, in which the attacker demanded a higher ransom amount.

‘Biggest Global Threat’

Public and private cybersecurity analysis have issued warnings for years about the escalating threat of ransomware attacks. Those warnings grew even louder earlier this week. Lindy Cameron, head of the UK’s National Cyber Security Centre, identified ransomware as the single biggest global threat we face right now.

“Ransomware attacks strike hard and fast. They are evolving rapidly, they are all-pervasive, they’re increasingly offered by gangs as a service, lowering the bar for entry into cyber crime,” Cameron said in a speech during the Tel Aviv Cyber Week. She added that such attacks increasingly “have the potential to affect our societies and economies significantly.”

Follow-On Effects of Ransomware

Cyberattacks don’t merely carry a financial cost for organizations and businesses. They can pose existential threats. The Cybereason report found that a third of all businesses surveyed said they were forced to suspend operations temporarily or permanently in the wake of attacks.

For those companies that didn’t close their doors, successful attacks led to layoffs and resignations. Nearly 40% of organizations had to let staff go following an attack. Another 35% said ransomware attacks led to resignations among corporate officers.

No Room for Complacency

NCSC initiatives have made recent progress in eliminating specific threats. Lindy Cameron told the Tel Aviv Cyber Week audience that UK initiatives such as the Takedown Project in 2021 and the Suspicious Email Reporting Service have saved hundreds of millions of dollars.

Organizations across the world, including the Cybersecurity and Infrastructure Security Agency in the U.S. have devoted increased resources to the problem of ransomware. And yet, the risk of attacks continues to escalate.

The Internet Security Report published earlier this week by cybersecurity firm WatchGuard found a sharp rise in the volume of ransomware attacks. Q1 ransomware incidents in 2022 hit 2,365, according to the report – well more than three times the number in Q1 of 2021.

Identify Your Vulnerabilities

No business or organization is immune from cybersecurity threats. Ransomware gangs target any entity from which they think they can extract valuable information or succeed in extorting a ransom payment.

Government watchdogs and law enforcement agencies have provided guidelines to limit an organization’s vulnerability to attack. These include maintaining offline encrypted backups of all critical data and hardening endpoint security organization-wide.

The SecureDrive® Solution

The data security specialists at SecureData understand how critical it is to prevent backup systems from lateral infection by ransomware and other types of malware. They’ve built a suite of tools that give organizations maximum control over critical data at rest and in transit.


Discover our secure data Solutions

Data Recovery Services

From single external hard drives, SSD’s, mobile devices to enterprise NAS, SAN, and RAID failures, we are ready to help recover from digital disasters, anywhere.

Request Help
Philip Bader

After more than a decade in Southeast Asia as a reporter and editor for magazines, newspapers, and online media organizations, Philip Bader now serves as a freelance content writer for Secure Data Recovery Services. He writes blogs and web content about data storage technology, trends in enterprise data recovery, and emerging data storage technology.

© 2024 SecureData Corporation or its affiliates. All rights reserved.