To pay or not to pay? For companies unfortunate enough to be hit by a ransomware attack, that is the crucial question.
Ransomware attacks — in which cyber criminals lock up a victim’s data or computer system and release it only if a ransom is paid — exploded in 2020 and 2021, in part because a shift to remote working during the pandemic left organizations more vulnerable to hacking.
But the tide appears to be turning. In its mid-year 2022 Cyber Threat Report, US security company SonicWall identified a 23 percent drop in the number of ransomware attempts. It attributed this to several factors — including a “downward” trend in the number of organizations willing to pay cyber criminals.
Steve Tcherchian, chief information security officer at XYPRO, a cyber security solutions company, says that, in many cases, companies “don’t have a choice but to pay a ransom”. But he adds that “a lot of that is their own doing” due to lax cyber security practices. Having a clear incident response plan and multiple backups of data is vital to guarding against having to pay out in the future, he says.
That trend is borne out in the data gathered by those who help victims of ransomware handle the fallout. In 2019, 85 percent of ransomware cases handled by cyber security group Coveware ended in a payment. But, in the first quarter of 2022, that proportion had fallen to 46 percent.