Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

27% of Ransomware Victims Pay the Ransom

November 19, 2020

ZDNet reported on November 18 that a recent Crowdstrike study found that 27% of ransomware victims said their organization paid the ransom after their data was encrypted. Worse yet, the study, based on responses from thousands of cybersecurity professional and IT decision makers, found that the average ransomware amount is now more than $1 million.

Businesses justify making the payment because getting the decryption key from the attackers is viewed as the quickest and easiest way to restore the network. I would add that they often see paying the ransomware as the cheapest way to recover from the attack. This assumes of course that they actually get the decryption key. Usually they do.

Over three-quarters of respondents to the survey say that in the wake of a successful ransomware attack, they upgraded their security software and infrastructure in order to reduce the risk of future attacks, while two-thirds made changes to their security staff. That last part made me laugh because we have seen many firings after a successful ransomware attack, the success coming from the ineptitude of whomever was handling their cybersecurity.

It is odd to me that almost a quarter of ransomware victims don't plan to make changes to their cybersecurity policies, which of course puts them at risk of becoming victims again. This is especially true in a work-from-home world.

Two quick pointers: Make sure that systems are updated with the latest security patches. We handled one case where the person in charge of cybersecurity had a "no patch" policy because he believed that patches "broke things." True once in a while, but the risk of not patching is huge. Also, use two-factor authentication anywhere you can.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

27% of Ransomware Victims Pay the Ransom

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer