News
Kaspersky Comment: Majority of businesses now have ransomware payout policy
July 2021 by David Emm, Principal Researcher at Kaspersky
Research by Databarracks has found that while most businesses now have some form of ransomware response policy, only a fifth (21%) have a policy of never paying the ransom. To Kaspersky researchers, this news is concerning as it suggests that ransomware activity is still being rewarded on a consistent basis.
They argue that, in order to see a constant movement against ransomware, businesses need to commit to never paying ransomware operators and instead work with local authorities in their investigations.
The commentary from David Emm, Principal researcher at Kaspersky.
“Ransomware is a threat to businesses of all size and scope so it is promising that businesses now have some form of formal process in place when responding to a ransomware attack.
As a rule, however, businesses should never pay the ransom, and it is alarming that such a small number of businesses commit to this within their policy. Although it may seem like the best and only option at the time, paying the ransom will not guarantee that the seized data will be returned. To the contrary, it will only confirm that the perpetrators activity works. In order to tackle ransomware long term, we all need to do our part to show that crime doesn’t pay.
Notably, our global study of 15,000 consumers, found that only a quarter of those who paid fraudsters ever got their data back. The top priorities following a data breach should be to report the crime to your local law enforcement agency or find a decryption tool online through a reputable source such as No More Ransom.
There is no magic solution for ransomware attacks, and this is especially the case after they have occurred. For businesses of all sizes, however, cybersecurity can be enhanced massively by simply cultivating good habits. By making cybersecurity a seamless part of your day-to-day operations you not only significantly limit the potential of a vulnerability, you limit the effort required to be ‘cybersecure’."
