Ransomware Attacks Are More Common Than We Think

Ransomware attacks aren’t just in the news. They happen all the time, perhaps more often than many assume.

As reported by Cybersecurity Dive, roughly 9 in 10 CISOs reported at least one attack during this past year. Of course, many deal with more attacks than one: In the same survey of 350 security executives, almost half of responders reported multiple cyberattacks against their respective companies.

Almost all of the CISOs reported dealing with at least one ransomware attack in their time with the companies. While any cyberattack is a serious situation, ransomware attacks are particularly perilous. Attackers hold companies’ systems on lockdown, keeping sensitive data and operations out of reach unless a ransom is paid.

As it turns out, the ransoms are being paid almost every time. The same survey found that more than four in five CISOs reported their business paid the ransom when attacked. It’s become part of security planning to assume one will encounter a ransomware attack, so there should be funds banked away for such an event.

While it’s understandable to want to pay a ransom and access your data as soon as possible, it’s not the best course of action, especially not in the long run. Hackers are emboldened to continue attacking organizations and businesses because they know they’ll most likely earn a ransom from those attacks. If no one paid the ransom, there would be no incentive to attack in this way.

A ban on ransomware payments has been floated, but not seriously considered. It could help: almost one in 10 ransomware paid amounted to over one million dollars.