Companies rarely follow the advice never to pay ransoms
For businesses hit by ransomware attacks, a pressing question is whether or not to pay the ransom. Cybersecurity firms such as Kaspersky consistently advise against it, but the reality can be more complex.
Recent incidents highlight this dilemma. Colonial Pipeline, for instance, paid a $4.4 million ransom following a cyberattack. CNA Financial, meanwhile, paid $40 million last year, likely the highest known ransom paid to date.
The decision to pay a ransom can offer a quick resolution, allowing businesses to strengthen their defenses in response. This approach, as shown by a survey of 3,400 IT and cybersecurity professionals across 17 countries, has led to significantly reduced ransom amounts over the past year.
However, the majority of companies that have paid ransomware demands have subsequently tried to improve their cybersecurity capabilities. This includes enhancing cybersecurity hygiene and organisation, which has reduced their susceptibility to future attacks.
Yet, the ransomware challenge remains largely theoretical for executives until they experience an attack. Interestingly, companies that are more aware of the ransomware threat are more likely to pay ransoms immediately, with 43% doing so compared to the 26% that were less informed, according to Kaspersky.
Preventative measures and early detection are the best lines of defense against ransomware, according to Jacco. Those that choose not to pay the ransom are likely to be mature in their cybersecurity capabilities and have a way of recovering data without paying.
Jacco also emphasised that the appropriate response to a ransomware attack is situational, and it depends on the type of data or infrastructure put at risk. He suggested that enterprises should develop a playbook to follow in the event of an attack.
The widely held view that paying ransoms encourages bad behavior is rarely put to the test when enterprise data and financial performance are on the line. In fact, Kaspersky's report suggests that businesses often lose more money waiting for restoration than paying the ransom.
It's worth noting that one in five companies that didn't pay ransoms still regained access to their data. This underscores the importance of having robust recovery mechanisms in place.
Paying ransoms, however, incentivises ransomware threat actors and reinforces their use of malware for financial gain. As such, the decision to pay or not to pay remains a delicate balance between immediate resolution and long-term consequences.
In conclusion, the ransomware landscape is ever-evolving, and businesses must continually adapt their strategies to stay ahead. Developing a comprehensive cybersecurity strategy, including a playbook for responding to attacks, is crucial in this fight.