40% of cybersecurity professionals think paying ransomware demands should be illegal
Practice of giving in to ransomware demands rarely yields results, industry claims
A survey of top IT security professionals has revealed that 40% believe paying out as part of a ransomware demand should be made illegal.
The majority of respondents believed that businesses should never pay an attacker to decrypt their data, although more than 40% said they would either consider it or absolutely pay it as it's the easiest method of remediation.
The study from AT&T Cybersecurity shed light on the perceptions businesses have of ransomware and their current level of preparedness against the threat that's still one of the most prolific out there.
While most businesses (69%) were confident that they had the cyber security resilience and necessary backups in place to prevent a ransomware attack from crippling operations, 30% of leaders said they weren't sure.
"It's clear from this research that organisations are still struggling when it comes to ransomware. Many do not know the best practices when it comes to ransomware, or worse, do not feel confident to handle attacks efficiently," said Rick Langston, lead product manager from AT&T Cybersecurity.
"Companies not only have to mitigate ransomware by having a solid security programme that uses protection tools to close down all possible attack vectors, but also have back-ups that are separate from the network in case the worst happens," he added.
Regardless of how prolific ransomware has become in the past few years - UK businesses saw a 195% increase in ransomware attacks this year - it's still eclipsed by other threats in terms of what's worrying security professionals.
Of the five most troubling threats faced by businesses, ransomware was at the bottom of the list. Nation-state attackers, insider threats, phishing and DDoS attacks were all more troubling to security professionals than the attack vector plaguing UK businesses.
It's not just the UK that's seen a proliferation of ransomware in the past year; myriad US towns and cities have succumbed to ransomware attacks in recent months - most of which seem to be small towns and government departments.
Most recently, 22 Texan towns and their government departments were hit by a coordinated ransomware attack, with one mayor confirming that the attacker used 'island hopping' to bring down his city's IT systems.
Two Floridan towns also made headlines after they were infected in the same week. Together they paid over $1 million in ransom demands to clear their IT systems of the infection - a practice which is highly disadvised in the industry.
Although paying a ransom can be the fastest way to regain control of systems, it can invite further attacks as it signals the victim is willing to pay.
There's also no guarantee that the attacker will rid the victim of the infection even after paying up either. During the NotPetya ransomware attacks in early 2018, researchers discovered that not only were the attacker's digital wallets misconfigured, but their email account had been shutdown, meaning that it was unlikely that any payments would reach their destination.
Four cyber security essentials that your board of directors wants to know
The insights to help you deliver what they needDownload now
Data: A resource much too valuable to leave unprotected
Protect your data to protect your companyDownload now
Improving cyber security for remote working
13 recommendations for security from any locationDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now