Ransomware attacks are getting bigger and severe in their scope by time. We can see the evil prowess of ransomware attacks at display in Atlanta where the city’s municipal system has become a hostage to the attackers virtually.
Demanding a sum of money for ransomware decrypt is the main catch for the instigators of such attacks. Therefore, there is a perception that by paying a ransom you can restore the ransomware files. However, reality is quite contrary to that, as claimed by a report from Software Company SentinelOne surveying hundreds of US businesses.
According to the report, companies that pay the hackers in the wake of ransomware attack often experience a double whammy i.e. they don’t get their encrypted files back and become victim of ransomware attacks again.
The report says that only 26 percent of the companies paid at least one ransom had their files unlocked. Moreover, they are two-third chances that the companies paying the ransom again become the target of ransomware.
Therefore, The US department of Homeland Security advises against paying a ransom since this trend can lead into forming a business model for organized crimes. But still tech industry seems divided on the issue. For many, paying ransom is the shortest and easiest way to restore ransomware files.
The report also highlights another trend in paying the ransom money to the attackers. Security professionals from more than 500 companies reported that half of the times employees paid the ransom without consulting IT security teams and experts. For that matter, the average ransoms paid by US companies are higher than the global average.
Another worrying fact established by the report is the average amount of business loss, which is closing on to one million dollars. Ransom, loss of work and time consumed in tackling the situation are factored in to estimate this cost. On average, 44 work hours are spent in tackling a ransomware attack.
Regarding the vulnerability that led to the attack, more than half of the companies think incompetence of legacy antivirus protection was the reason. Reviewing the report, VP of SentinelOne thinks that ransomware attackers are only treating companies as their teller machines