Companies that pay ransomware attackers get thumbs down from consumers

3 years ago 328

More than fractional of those surveyed by information absorption steadfast Cohesity said that companies that wage the ransom successful an onslaught promote ransomware and atrocious actors.

ransomware cybercrime

Image: Shutterstock/Vchal

One of the biggest questions faced by an enactment deed by ransomware is whether to wage the ransom. Many bash wage simply due to the fact that they consciousness it's the quickest and easiest mode of getting backmost to business. But that strategy is not 1 favored by galore consumers, immoderate of whom would debar a institution that's not lone victimized by ransomware but ends up paying the ransom.

SEE: Ransomware: A cheat expanse for professionals (TechRepublic)  

Survey results released Monday by information absorption steadfast Cohesity uncover however consumers consciousness astir organizations that endure a ransomware attack. Commissioned by Cohesity and conducted by Propeller Insights successful August 2021, the survey elicited responses from much than 1,000 U.S. consumers betwixt the ages of 18 done 75, and older, each of whom person heard of ransomware.

Among the respondents, 81% said they were acquainted with the caller ransomware attacks connected Colonial Pipeline, JBS Holdings, Kaseya, SolarWinds and U.S. hospitals.

Some 22% said that a institution with which they bash concern had been deed by ransomware, portion 21% judge their ain institution had been wounded by an attack. Those surveyed pointed to government, fiscal services and insurance, lipid and energy, healthcare and pharmaceutical, and exertion arsenic the apical industries astir susceptible to ransomware.

Some 40% of the respondents, said they deliberation that organizations deed by ransomware should not wage the ransom. More than fractional of those surveyed said that companies that bash wage the ransom promote much ransomware and cybercriminals. And 43% judge that ransom payments summation the prices consumers wage for goods and services.

An enactment that pays a ransom risks a atrocious estimation with consumers. Some 23% of those surveyed said they'd halt doing concern with a institution that paid a ransom. Further 48% couldn't accidental whether oregon not they'd halt doing concern but indicated this arsenic a large interest and would springiness it a batch of thought.

SEE: Ransomware attack: Why a tiny concern paid the $150,000 ransom (TechRepublic) 

Consumers people would suffer assurance successful a institution impacted by ransomware for respective reasons. Some 55% said they'd suffer assurance owed to the company's deficiency of due information and information management. Some 54% would suffer assurance if their ain information were compromised. And 29% said they'd suffer assurance if the onslaught entailed immoderate inconvenience for them personally.

Further, 47% of those surveyed said they'd suffer assurance if the institution weren't forthcoming astir the attack, portion 22% would suffer assurance if the institution paid the ransom.

"Ransomware attacks are truthful prevalent that they are present portion of our corporate consciousness," Cohesity CISO Brian Spanswick said successful a property release. "And our probe indicates that erstwhile businesses wage the ransom, they tally the hazard of losing user assurance and prompting radical to instrumentality their concern elsewhere."

Consumers besides judge organizations are failing to efficaciously combat ransomware attacks. Among the respondents, 42% said it was improbable that companies are doing capable to support their data. Toward that end, 61% said they consciousness companies should regularly trial their systems for threats, and 59% said they should instrumentality due information software.

Some 47% judge companies should enable multi-factor authentication, portion 39% deliberation they should necessitate stronger passwords. Finally, much than fractional said that organizations should follow much precocious information absorption processes to amended support information and respond to imaginable threats.

"No enactment is immune from ransomware attacks," Spanswick said. "But enterprises that instrumentality modern information and next-gen information absorption strategies and tin rapidly retrieve if they are attacked—without having to wage the ransom—are the ones that volition triumph favour with consumers implicit those that can't."

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays

Sign up today

Also see

Read Entire Article