Only 10% of ransomware victims pay extortionists, but those who do fund between 6 and 10 new attacks, Trend Micro warns.
Security vendors have used data science techniques to analyze data from multiple sources, including detection telemetry, network infrastructure, blockchain transactions, underground forums, and chat logs.
According to the resulting report, “What Decision Makers Need to Know About Ransomware Risk,” those who decided to pay typically insisted on doing so immediately to avoid serious disruption to infrastructure and services. More than half did so within 20 days.
However, given the low number of people paying, they are usually forced to set aside more cash for each compromise.
“It is important to note that paying the ransom will only drive up the victim’s overall incident cost. We cannot undo the business disruptions and brand reputational damage that may have been suffered by the outbreak,” the report continued.
“Attackers are aware that certain industries and countries that pay ransoms also tend to pay more frequently, so organizations in those industries and countries are also more likely to be hit by ransomware.”
The report also revealed that January and July-August saw the lowest ransomware monetization activity in the last two years.
“Thus, these could be the perfect times for defenders to rebuild infrastructure or take vacations,” it said.
To effectively tackle ransomware, Trend Micro recommends that organizations increase their threat prevention, detection, and response efforts. However, a global focus on reducing the proportion of victims who pay out can also go a long way toward making ransomware less profitable.
Security vendors also claimed that in-depth industry research like this helps decision makers better understand the financial risks of ransomware. This could help IT departments justify more spending, governments more accurately budget for recovery and law enforcement, and insurance companies more accurately set premiums, the report adds.