More than two-thirds (70%) of cybersecurity professionals believe that the issue of ransomware is being exacerbated by cyber-insurance payouts to victim organizations, according to a new study by cybersecurity firm Talion.
The survey of 200 UK cybersecurity professionals also unveiled some worrying findings about reporting ransomware attacks to law enforcement. When asked why so many attacks are not reported, nearly half (45%) of respondents said they believe businesses think law enforcement slows down ransomware recovery, and that those businesses are focused on getting their systems back online. More than a third (37%) said it was because companies have paid a ransom and don’t want to get into trouble.
Additionally, one in 10 of those surveyed said companies didn’t know how to report ransomware attacks to law enforcement.
The report follows a surge in ransomware attacks globally in 2021. Earlier this month, a study from the International Data Corporation (IDC) found that over one-third of organizations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months. This has led to numerous eye-watering ransoms being paid to cyber-criminals, ramping up the debate on whether it is ever acceptable to pay a ransomware demand.
Commenting on the study, Mike Brown, CEO of Talion, said: “Our study highlights that many organizations are concerned about reporting ransomware attacks to law enforcement out of fear it could have further negative repercussions. All victims want to get back to business as usual as quickly as possible; however, it can be a complicated landscape to navigate. Should you pay the ransom? If so, is it lawful? Organizations should be mindful that it is unlawful to make a payment to terrorist organizations or prescribed groups in breach of international sanctions. What is required is a clear legal framework that allows organizations to make the best, lawful decisions when they are in this high-stress situation. Law enforcement needs to find a way to work with a commercial organization so that they are viewed as a source of expertise and support, not a further obstacle to overcome.”
“In terms of insurance payouts, it is not surprising so many security professionals see them as fuelling the ransomware industry, as they certainly cushion the blow of attacks. However, payouts are not guaranteed, and insurers are getting stricter every day. The best option is, therefore, to prepare for attacks and rehearse your strategy so when your organization gets hit in real life, losses are kept to a minimum.”
In June, Talion launched the #RansomAware campaign, a coalition of cybersecurity experts, businesses, academia and government to facilitate collaboration and information sharing around ransomware.