The majority of businesses have suffered a ransomware attack in the past year however why do ransomware victims pay the ransom?
It has become common knowledge and recommendation from experts and law enforcement agencies, do not pay the ransom. Unfortunately, a leading cyber security firm has reported some alarming news, companies are paying.
- 83 percent of ransomware victims feel they have no choice but to pay up the ransom
- 64 percent of organizations have fallen victim to a ransomware attack in the last year
- 42 percent of organizations have reported to have experienced loss of revenue and reputational damage
- 72 percent of organizations have increased their cybersecurity budgets in the past year
- 93 percent of organizations have allocated a specific budget to fight ransomware threats
Experts in cybersecurity and law enforcement agencies strongly advocate against paying the ransom due to numerous reasons. This behaviour encourages cyber criminals, hackers, and bad actors to spread more ransomware to more organizations. It also does not guarantee data restoration as well as that the cybercriminal hackers will not launch another cyber attack on your organization.
Organizations need to proactively defend themselves against these cyberattacks instead of paying the ransom. Cyber security experts agree that companies must first ensure privileged access to their network such as using multi-factor authentication (MFA) or other methods to enforce zero trust. This will keep cybercriminals contained and minimize the damage they can do to your organization.
Why do ransomware victims pay the ransom? Password-Stealing attacks are surging.
According to Kaspersky, password-stealing malware attacks from hackers have increased by 45 percent in the last six months of 2020 showing clear signs of the need for improved cyber security policies when it comes to login security.
Based on research from their cyber security team regarding Trojan-PSW that is a stealth application that gathers login and other account information, there was nearly 500,000 targets in September 2021 as compared to April 2021.
Organizations need to remember that user logins, passwords, payment details, and other personal identifiable information remain a hot item on the dark web market for cyber criminals.
Cyber security professionals recommend that businesses and users take extra cyber security precautions to protect their personal information. This includes multi-factor authentication (MFA). Cyber criminals and hackers are also using password stealers more often, which indicates users should be extra careful, refrain from following bogus links, and use an updated cyber security solution.
Cyber security insurance changes
Most insurance organizations are explicitly setting the requirement for multifactor authentication as a minimum-security standard in order to be insured. This would save organizations from over 90 percent of cyber security attacks and cyber threats.
Cyber criminals have been using SIM swapping and other methods to intercept one-time passwords generated by text message. In 2021, Microsoft recommended that all organizations avoid MFA methods that rely on phone networks and instead rely on authentication apps for authentication.
Let our complimentary data breach scan investigate if your credentials have been compromised by hackers.
365 iT SOLUTIONS is a leading IT consulting firm in Toronto that offers Managed IT Services, Tech Support Services, Cloud Services, Managed Security Services, IT Support Services, IT Outsourcing Services, Business continuity and disaster recovery (BCDR), and Cyber Security Training and Dark Web Monitoring.
We Make IT Simple!