40% of cybersecurity professionals think paying ransomware demands should be illegal

Practice of giving in to ransomware demands rarely yields results, industry claims

Graphic depicting ransomware

A survey of top IT security professionals has revealed that 40% believe paying out as part of a ransomware demand should be made illegal.

The majority of respondents believed that businesses should never pay an attacker to decrypt their data, although more than 40% said they would either consider it or absolutely pay it as it's the easiest method of remediation.

The study from AT&T Cybersecurity shed light on the perceptions businesses have of ransomware and their current level of preparedness against the threat that's still one of the most prolific out there.

While most businesses (69%) were confident that they had the cyber security resilience and necessary backups in place to prevent a ransomware attack from crippling operations, 30% of leaders said they weren't sure.

"It's clear from this research that organisations are still struggling when it comes to ransomware. Many do not know the best practices when it comes to ransomware, or worse, do not feel confident to handle attacks efficiently," said Rick Langston, lead product manager from AT&T Cybersecurity.

"Companies not only have to mitigate ransomware by having a solid security programme that uses protection tools to close down all possible attack vectors, but also have back-ups that are separate from the network in case the worst happens," he added.

Regardless of how prolific ransomware has become in the past few years - UK businesses saw a 195% increase in ransomware attacks this year - it's still eclipsed by other threats in terms of what's worrying security professionals.

Of the five most troubling threats faced by businesses, ransomware was at the bottom of the list. Nation-state attackers, insider threats, phishing and DDoS attacks were all more troubling to security professionals than the attack vector plaguing UK businesses.

It's not just the UK that's seen a proliferation of ransomware in the past year; myriad US towns and cities have succumbed to ransomware attacks in recent months - most of which seem to be small towns and government departments.

Most recently, 22 Texan towns and their government departments were hit by a coordinated ransomware attack, with one mayor confirming that the attacker used 'island hopping' to bring down his city's IT systems.

Two Floridan towns also made headlines after they were infected in the same week. Together they paid over $1 million in ransom demands to clear their IT systems of the infection - a practice which is highly disadvised in the industry.

Although paying a ransom can be the fastest way to regain control of systems, it can invite further attacks as it signals the victim is willing to pay.

There's also no guarantee that the attacker will rid the victim of the infection even after paying up either. During the NotPetya ransomware attacks in early 2018, researchers discovered that not only were the attacker's digital wallets misconfigured, but their email account had been shutdown, meaning that it was unlikely that any payments would reach their destination.

Featured Resources

2021 Thales access management index: Global edition

The challenges of trusted access in a cloud-first world

Free download

Transforming higher education for the digital era

The future is yours

Free download

Building a cloud-native, hybrid-multi cloud infrastructure

Get ready for hybrid-multi cloud databases, AI, and machine learning workloads

Free download

The next biggest shopping destination is the cloud

Know why retail businesses must move to the cloud

Free Download

Recommended

Best ransomware removal tools
ransomware

Best ransomware removal tools

14 Oct 2021
Senator to introduce new bill to force ransomware payment disclosures
ransomware

Senator to introduce new bill to force ransomware payment disclosures

6 Oct 2021
Two-thirds of organizations have fallen victim to ransomware
ransomware

Two-thirds of organizations have fallen victim to ransomware

29 Sep 2021
Researchers disclose top flaws abused by ransomware gangs
ransomware

Researchers disclose top flaws abused by ransomware gangs

20 Sep 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Veritas Backup Exec 21.3 review: Covers every angle
backup software

Veritas Backup Exec 21.3 review: Covers every angle

14 Oct 2021
HPE wins networking contract with Birmingham 2022 Commonwealth Games
Network & Internet

HPE wins networking contract with Birmingham 2022 Commonwealth Games

15 Oct 2021