The Channel logo

News

By | John Leyden 7th September 2016 12:07

When you've paid the ransom but you don't get your data back

Oh, British firms... you're not alone – 1 in 3 pwned firms agree

Almost one in three firms that pay ransom fail to get their data back, according to new research from Trend Micro.

A poll of IT managers at 300 UK businesses sponsored by Trend Micro found that 44 per cent of UK businesses have been infected by ransomware in the last two years.

The study also found that around two-thirds (65 per cent) of UK companies confronted with a ransomware infected end up paying out in the hopes of getting their data back.

The average amount of ransom requested in the UK was £540, although 20 per cent of companies reported ransoms of more than £1,000. The majority – 57 per cent of companies – reported having been given under 24 hours to pay up.

Organisations affected by ransomware estimate they spent 33 person-hours on average fixing the problem.

The ransomware problem is growing. Trend Micro has identified 79 new ransomware families so far this year, compared to 29 in the whole of the 2015.

“When faced with a ransom situation, most organisations simply cannot afford to part with the encrypted data and are forced to fork out the requested amount, often more than once,” said Bharat Mistry, a cybersecurity consultant at Trend Micro. “Caving in to the demands of cyber-extortionists only reassures them of their strategy and perpetuates the threat cycle. That’s why companies must adequately protect themselves against ransomware and avoid playing on the attacker’s terms.”

Quizzed about their motivation behind a decision to pay the ransom, most companies (37 per cent) said they were worried about being fined if data were lost. Other reasons included encrypted data being highly confidential (32 per cent) and an easy-to-pay, low ransom amount (29 per cent).

Separately, the majority (66 per cent) of companies that refused to pay up said they don’t bargain with cybercriminals as a rule. A further 60 per cent claimed they were able to recover the data from back up files, and over a quarter (26 per cent) believed the data encrypted wasn’t valuable or confidential, and hence was not worth paying for. ®

comment icon Read 43 comments on this article or post a comment alert Send corrections

Opinion

Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella
Stranded_ships

Chris Mellor

Thousands of layoffs announced as spinning rust enters its death spiral

Features

Locker room jocks photo via Shutterstock
Best locker-room strategy: Avoid emulating AWS directly
STRASBOURG, JUNE 29, 2016: The seat of the European Parliament. by Marco Aprile for shutterstock. EDITORIAL USE ONLY
Plan b, image via Shutterstock
EU workers, new markets: post-Brexit pressure on May & Co
Tough question, pic via Shutterstock