IBM Study: Business More Likely To Pay Ransomware Than Consumers
IBM Security has announced results from a study finding 70 percent of businesses infected with ransomware have paid ransom to regain access to business data and systems.
In comparison, over 50 percent of consumers surveyed said they would not pay to regain access to personal data or devices, aside from financial data.
For those not familiar with the practice, ransomware is an extortion technique used by cybercriminals where data on computers and other devices is encrypted and held for ransom until a specified amount of money is paid.
The IBM X-Force study, “Ransomware: How Consumers and Businesses Value Their Data,” surveyed 600 business leaders and more than 1,000 consumers in the U.S. to determine the value placed on different types of data.
Key findings from the survey:
- While over half of consumers surveyed initially indicated they would not pay the ransom, when asked about specific data types, 54 percent indicated they would likely pay to get financial data back
- More than half (55 percent) of parents surveyed would be willing to pay for access to digital family photos vs. 39 percent of respondents without children
Businesses Held For Ransom Likely To Pay
Nearly one in two business executives surveyed have experienced ransomware attacks in the workplace. The study found 70 percent of these executives said their company has paid to resolve the attack, with half of those paying over $10,000 and 20 percent paying over $40,000.
Nearly 60 percent of all business executives indicated they would be willing to pay ransom to recover data. Data types they were willing to pay to recover included financial records, customer records, intellectual property, and business plans.
Overall, 25 percent of business executives said, depending upon the data type, they would be willing to pay between $20,000 and $50,000 to get access back to data.
As for small businesses, well, they remain a ripe target. Only 29 percent of small businesses surveyed have experience with ransomware attacks compared to 57 percent of medium-sized businesses. While cybercriminals may not view these businesses as offering a big payday, a lack of training on workplace IT security best practices can make them vulnerable. The study found that only 30 percent of small businesses surveyed offer security training to their employees, compared to 58 percent of larger companies.
Preparing For And Responding To Ransomware
With the financial returns on ransomware growing north of $1 billion for cybercriminals, IBM anticipates it and other extortion schemes will continue to grow.
Both businesses and consumers can take some steps to help defend themselves from ransomware. IBM X-Force experts recommend the following tips to protect yourself and your business:
- Be vigilant. If an email looks too good to be true, it probably is. Be cautious when opening attachments and clicking links.
- Back up your data. Plan and maintain regular backup routines. Ensure the backups are secure, and not constantly connected or mapped to the live network.
- Disable macros. Document macros have been a common infection vector for ransomware in 2016. Macros from email and documents should be disabled by default to avoid infection.
- Patch and purge. Maintain regular software updates for all devices, including operating systems and applications. Update any software you use often and delete applications you rarely access.
For additional tips and details on the survey findings, you can download the full report at: https://ibm.biz/RansomwareReport.
In addition, Resilient, an IBM Company, today announced an industry-first Dynamic Playbook to help organizations respond to ransomware and other complex attacks. Resilient Dynamic Playbooks orchestrate response in real-time, adapting the actions organizations need to take in response to cyberattacks as they unfold.
The FBI and other law enforcement agencies advise victims of ransomware to avoid paying a ransom to cybercriminals. They do recommend you report a cybercrime, including becoming a victim of ransomware, to the appropriate authorities:
- In the U.S., report via the FBI’s Internet Crime Complaint Center (IC3): https://www.ic3.gov/default.aspx
- In Europe, report via Europol’s Cybercrime Reporting website: https://www.europol.europa.eu/report-a-crime/report-cybercrime-online