A global survey of ransomware victims’ experiences highlights how untrustworthy ransomware actors are: in most cases where the ransom is paid, the extortion simply continues.
This is not a surprising or new discovery, but when seeing it reflected in actual statistics, one can appreciate the scale of the problem in full.
The survey was conducted by cybersecurity specialist Venafi, and the most important findings that emerge from the respondents are the following:
As for the ransomware actor extortion tactics, these are summarized as follows:
The lack of credibility of ransomware actors’ promises to their victims stems from several factors.
First, most RaaS operations are short-lived, so they simply look to maximize their profits in the shortest possible period of time. As such, they don’t care about long-term reputation.
Secondly, many renegade affiliates don’t follow the rules set by the core ransomware operators, and enforcing these rules is rarely considered a priority for these groups.
Thirdly, even if the data isn’t leaked right away, the remnants of data breaches may be maintained for a long time in multiple threat actor systems and almost always find their way to the broader cyber-crime community sooner or later.
As Venafi underlines in its report, paying the ransom is only motivating crooks to return for more, as it sends the signal that the victim sees this as the easiest way out of trouble, which is nothing but an illusion.
“Organizations are unprepared to defend against ransomware that exfiltrates data, so they pay the ransom, but this only motivates attackers to seek more,” comments Venafi’s vice president, Kevin Bocek.
“The bad news is that attackers are following through on extortion threats, even after the ransom has been paid! This means CISOs are under much more pressure because a successful attack is much more likely to create a full scale service disruption that affects customers.”
The above matches the findings of another report published by Proofpoint yesterday, which presents the results of a survey of thousands of employees and hundreds of IT professionals across seven countries.
70% of the survey participants report having experienced at least one ransomware attack in 2021. 60% of them opted to negotiate with the attackers, and many of them ended up paying ransom more than once.
In summary, the best approach for victims is not to give in to ransomware demands but instead to restore systems and data from backups and alert law enforcement and data protection authorities to the incident.
All else is futile considering that all scenarios eventually lead to the same result, with the only difference being the enrichment of ransomware actors and the feeding of their motivation to continue.