The vast majority of companies affected by a ransomware attack (opens in a new tab) say they would pay the claim just to get back to work as soon as possible.
A Rubrik Zero Labs report that surveyed more than 1600 professionals, including CISOs, CIOs, BPs, and managers, found that more than three-quarters (76%) said they would likely consider paying the ransom in the event of a cyberattack.
Why business leaders would choose to continue fueling this criminal industry, despite repeated warnings from cybersecurity firms and law enforcement, is up for debate; however, the report alludes to a painful lack of trust. Overall, 92% of respondents say they would be concerned about not being able to maintain business continuity in the event of a cyberattack, and a third believe their board of directors has little or no confidence in their company's resilience. critical data and business applications after such an incident.
Emotional consequences
However, the number of attacks and their destructive power continue to grow.
Almost all of the executives surveyed said their company had suffered a cyberattack in the past year, with an average of 47 attacks in 12 months. According to the researchers, only 5% were able to resume their normal activities within an hour of discovering a cyberattack. Additionally, 11% said they had not properly patched previously exploited vulnerabilities.
The effects of a successful cyberattack go far beyond the company's financial difficulties. Almost all respondents (96%) experienced “significant emotional or psychological consequences” after a cyberattack. Some worried about their job security, while others worried about losing the trust of their colleagues.
A third reported changes in leadership roles as a direct result of the attack.
Ransomware attacks have been one of the most dangerous and popular types of cybercrime in recent years. Criminals would infiltrate a target network, steal as much sensitive data as possible, and then encrypt all files, preventing the owners from accessing them.
After that, they would demand payment in cryptocurrencies, in exchange for the decryption key, and under the threat of leaking the stolen data online. Ransom demands vary, but we've seen them reach into the seven figures, depending on the victim.
“It is clear from this research that cyberattacks continue to have significant impacts against global organizations and that the effects are increasing,” said Steven Stone, director of Rubrik Zero Labs.
“In addition to this increase in the frequency and impacts of cyber events, people on the front lines are experiencing a psychological impact on their well-being. Confidence is down and anxiety is up. Without a proactive and reliable approach to defend yourself against modern cybermenaces and strengthen confidence in the capacity of an organization to deal with cyber events, impacts - so many humans who are organizations - continue to attack and feed them. the others. The good news is that we are also seeing pragmatic and proven strategies in this very space are paying off and that we can take advantage of these approaches. »