The vast majority of businesses affected by ransomware (opens in new tab) attack say they would pay the demand to get back to work as soon as possible.
A Rubrik Zero Labs report of more than 1,600 professionals, including CISOs, CIOs, BPs and executives, found that more than three-quarters (76%) said they would likely consider paying the ransom in the event of a cyberattack.
Why business leaders would choose to continue fueling this criminal industry, despite repeated warnings from law enforcement and cybersecurity firms, is up for debate, but the report points to a painful lack of trust. Overall, 92% of respondents say they would worry about not being able to maintain business continuity in the event of a cyber-attack, and a third believe their boards have little to no confidence in their company’s ability to address critical issues. recover data and business applications after such an event.
Yet the number of attacks and their destructive power continues to grow.
Nearly all the leaders surveyed said their company has had a cyberattack in the past year, with an average of 47 attacks in 12 months. Only 5% were able to function normally within an hour of discovering a cyberattack, the researchers found. In addition, 11% said they did not properly address previously exploited vulnerabilities.
The effects of a successful cyber attack extend far beyond the financial hardship for the company. Nearly all respondents (96%) experienced “significant emotional or psychological consequences” after a cyberattack. Some worried about the safety of their jobs, while others worried about losing the confidence of their colleagues.
A third reported changes in leadership roles as a direct result of the attack.
Ransomware attacks have been one of the most dangerous and popular forms of cybercrime in recent years. Scammers would infiltrate a target network, steal as much sensitive data as possible and then encrypt all files so that owners cannot access them.
They would then demand payment in cryptocurrencies, in exchange for the decryption key, and under threat of leaking the stolen data online. Ransom demands vary, but we’ve seen them go into seven figures depending on the victim.
“This research clearly shows that cyber-attacks continue to have a major impact on global organizations and that the impacts are increasing,” said Steven Stone, head of Rubrik Zero Labs.
“In addition to this increase in the frequency and impact of cyber events, the individuals on the front lines are taking a psychological blow to their well-being. Confidence has declined and fear has increased. Without a proactive and reliable approach to defending against modern cyber threats and building confidence in an organization’s ability to resolve these cyber events, these impacts – both human and organizational – will continue to worsen and reinforce each other. The good news is that in the same space we are also seeing pragmatic, proven strategies paying off and we can build on these approaches.”