Ransomware is a virus that sort of kidnaps your data by encrypting it and you have to pay a ransom to have it decrypted. When a machine on your network contracts a virus, a ransomware attack begins. Hackers can infect your computer using a number of techniques, including spam links, email attachments, and even sophisticated social engineering tactics. After being downloaded onto an endpoint, the malicious file spreads throughout the network, encrypting any file it can access. You will be required to pay a price if you want to break through its encryption.


Due to the damage a ransomware brings to a company such as delay in production or day-to-day operations, some companies would just pay the hackers to get it over with. Now this is a sad reality.


The 2023 Global Cyber Confidence Index, published by cloud network detection and response provider ExtraHop, revealed that 83% of victim businesses have paid a ransom at least once, in addition to the average number of ransomware attacks rising from four to five between 2021 and 2022.


According to the study, even though agencies like the FBI and CISA oppose paying ransoms, many businesses choose to pay the ransom up front, which costs an average of $925,162, rather than risk future operational disruption and data loss.


According to Jamie Moles, senior technical manager at ExtraHop, businesses “are paying ransoms because they think it’s the quickest and easiest way to get their business back up and running.”


In addition, many cyber gangs’ well-known double extortion tactic “incorporates stealing data before encrypting it and threatening to publish it on the internet if you don’t pay the ransom,” according to Moles, adding to the pressure on businesses to pay up.


The study was released shortly after Yum! Brands, the parent company of KFC, Taco Bell, and Pizza Hut, disclosed it had had a ransomware compromise.


One of the main points of ExtraHop’s analysis is that by ignoring the vulnerabilities caused by unpatched software, unmanaged devices, and shadow IT, businesses are giving ransomware criminals influence over their data.


For instance, according to 77% of IT decision-makers, at least 50% of security problems are the result of outdated cybersecurity policies.


These ignored vulnerabilities grow over time, offering hackers more possible points of entry to exploit and more power to pressure businesses into making payments.


According to Mark Bowling, chief risk, security, and information security officer at ExtraHop, “the likelihood of a ransomware attack is inversely proportional to the amount of unmitigated surface attack area, which is one example of cybersecurity debt.” “This de-prioritization creates liabilities and, ultimately, financial damages that compound cybersecurity debt and expose organizations to even greater risk.”

If your business is one of the lucky ones who are still uncompromised by hackers, now is the best time to consider having your company protected by hiring a reputable cybersecurity company. Prevention is always better than cure. If you have experienced an attack, it is also not too late to have a cybersecurity partner now, being attacked again would be the worst thing to ever happen to your business. If you are ready to discuss having a partner company to cater your cybersecurity needs and defend your business against ransomware attacks, feel free to talk to us today.