For businesses struck with ransomware, new studies show it’s not worth paying the ransom. Not only are you unlikely to get your data back, you’ll also be targeted for future attacks.
A report from security firm SentinelOne showed 45% of US companies hit with ransomware last year decided to pay the ransom. But when they did, only 26% of them had their files unlocked.
Worse, 73% of companies that paid the ransom were targeted and attacked again. Apparently someone who has paid once is considered a juicy target for cyber-criminals.
Surprisingly, these ransoms were often paid by employees without consulting the company’s security professionals. The report also showed the US is paying higher ransoms than any other region in the world – an average of $57,088, as opposed to the global average of $49,060.
That’s a lot of money to have to pay upfront. But the loftier figure is the estimated business cost of a ransomware attack. In ransom, lost work, and time spent responding, a single ransomware attack costs a business on average more than $900,000.
This sounds like a lot, but when you factor in losing all your business data – including private client details and other collateral damage – a significant ransomware attack can shut many businesses down.
So how do these attacks take place, anyway? According to the report, most organizations (53%) blamed legacy antivirus protection for failing to prevent the attack.
But given that ransomware makers are constantly refining their malware to bypass AV software, it’s folly to rely on it alone as the first and last line of defense. The best approach to ransomware is a multi-pronged one that combines tools such as AV solutions, backup software, and firewalls, all working together.
One such solution is BackupAssist’s CryptoSafeGuard, which protects your backups against ransomware.