Firms Who Pay Ransom Subsidise 10 New Attacks: Report

Just 10% of ransomware victims pay their extorters, but those who do are effectively funding 6-10 new attacks, Trend Micro has warned.

The security vendor used data science techniques to analyze data from multiple sources, including detection telemetry, network infrastructure, blockchain transactions, underground forums, chat logs and more.

Its resulting report, What Decision-Makers Need to Know About Ransomware Risk, claimed that those who decide to pay usually do so quickly, to avoid severe disruption to their infrastructure and services. More than half did so within 20 days.

However, given the low numbers who do pay, they’re generally being forced to stump up more cash per compromise.

“It’s important to note that paying the ransom only drives up the overall incident cost for victims: even the eventual decryption of their data upon payment won’t undo the business disruption and brand reputation damage that a victim organization might have already suffered from the attack,” the report continued.

“Attackers are also aware that certain industries and countries that pay ransoms also tend to pay more often, so organizations belonging to those industries and countries are also more likely to find themselves at the receiving end of ransomware attacks.”

The report also revealed that over the past two years, ransomware monetization activities have been lowest in January and from July to August.

“These are therefore potentially the best periods for defenders to rebuild infrastructure or take vacations,” it said.

To tackle ransomware effectively, organizations should enhance threat prevention, detection and response efforts, Trend Micro recommended. However, a global focus on reducing the percentage of victims paying would also help a great deal by driving down ransomware's profitability.

The security vendor also claimed that in-depth industry research like this can help decision makers to better understand the financial risk of ransomware. This in turn could enable IT departments to justify bigger spending, governments to budget for restoration and law enforcement more accurately, and insurers to price policies with greater accuracy, it added.
