8 out of 10 of ransomware victims paid to get data restored

Research by ThycoticCentrify shows most organisations experienced a ransomware attack, while 93 percent are allocating special budget to fight growing threats

Posted 21 October 2021 by Christine Horton

Nearly two out of three companies (64 percent) have admitted to falling victim to a ransomware attack in the last 12 months. 

The findings come from a US report from ThycoticCentrify, 2021 State of Ransomware Survey & Report: Preventing and Mitigating the Skyrocketing Costs and Impacts of Ransomware Attacks.

It further reveals that more than four out of five (83 percent) ransomware attack victims felt they had no choice but to pay ransom demands to restore their data.   

The report shows that 72 percent of firms have seen cybersecurity budgets increase due to ransomware threats. Moreover 93 percent are allocating special budget to fight ransomware threats. 

Half (50 percent) said they experienced loss of revenue and reputational damage from an attack and 42 percent indicated they had lost customers as a result of an attack 

“Our research shows ransomware is a threat to organizations of all sizes and levels of sophistication,” said Art Gilliland, CEO at ThycoticCentrify. “The first line of defense should be solutions that secure privileged access, including multi-factor authentication (MFA) and other methods of enforcing Zero Trust, to keep would-be cyber criminals contained and limit the damage they can inflict.”

Government is the most commonly targeted industry for ransomware in the UK.

The report features three main takeaways with recommendations and resources to help mitigate damage from an attack.

1.     “With so many organisations victimised by ransomware attacks, it is more important than ever that organisations prioritise creating an incident response plan to avoid being added to the growing list that have paid the ransom demand.

2.     “While increasing cybersecurity budgets for network and cloud security solutions, organisations must also understand and prioritise the requirements for preventing exploit escalation with PAM security that enforces least privileged access.

3.     “Preventing ransomware attacks by practicing basic cybersecurity hygiene such as regular backups, timely patching, MFA, and password protection is essential. However, PAM policies that make least privileged access a priority enable security teams to identify the attack entry point, understand what happened, help remediate, and ultimately protect restored data.”