A staff accountant clicked a bad link and now the firm's entire systems have been locked by a ransomware gang. The hackers tell firm leaders that if they ever want to see their precious data again, they must pay an exorbitant ransom, likely denominated in cryptocurrency so as to make them that much harder to track. What do you do?
A recent 600-person survey from Naoris Protocol, a platform centered around decentralized cybersecurity, found the vast majority of people would refuse to pay anything, no matter what terrible things the hackers might threaten to do to their data.
When asked "If you or your company were a victim of a ransomware attack, would you pay the attacker (including trying to negotiate a lower fee)?" 70.8% of respondents said they would not pay the ransom and, further, would report the attack to the authorities. The next largest group, 16.55%, also said they would not pay the ransom, but would not report the incident to authorities; instead, they would rely on backups to get their data back. Only 5.32% said they would pay the ransom and not report it, while 7.32% said they would pay but report the incident.
Naoris Protocol acknowledged these figures stand in contrast to other findings, acknowledging studies showing that 83% of ransomware victims ultimately pay the ransom. David Carvalho, the company's CEO, thought this difference might be due to poll respondents thinking of the matter only theoretically.
"It's much easier to take the moral high ground when the question is theoretical. When confronted with the reality of a ransomware attack that could cost your business millions per day, along with potential brand and reputational damage, businesses may be more reluctant to take a moral stance," he said.
Naoris suggested it may be unwise to pay the ransom. There is every possibility the attackers might just take the money and leave without returning the data or, even worse, the payment might encourage another attack. Naoris cited another study indicating more than one-third of companies that paid a ransomware gang to get their data back are victimized a second time and charged even more than the first attack.
"Ultimately the best cure is prevention, and this starts with education of employees and individuals on the role they can play in thwarting the attacks of cybercriminals," said Carvalho. "Emerging technology will also play a massive role in mitigating attacks. In an increasingly networked and decentralized world, every device with an internet connection is a potential point of failure or point of entry for a cyber attack."