40% of cybersecurity professionals think paying ransomware demands should be illegal

Practice of giving in to ransomware demands rarely yields results, industry claims

Graphic depicting ransomware

A survey of top IT security professionals has revealed that 40% believe paying out as part of a ransomware demand should be made illegal.

The majority of respondents believed that businesses should never pay an attacker to decrypt their data, although more than 40% said they would either consider it or absolutely pay it as it's the easiest method of remediation.

Advertisement - Article continues below

The study from AT&T Cybersecurity shed light on the perceptions businesses have of ransomware and their current level of preparedness against the threat that's still one of the most prolific out there.

While most businesses (69%) were confident that they had the cyber security resilience and necessary backups in place to prevent a ransomware attack from crippling operations, 30% of leaders said they weren't sure.

"It's clear from this research that organisations are still struggling when it comes to ransomware. Many do not know the best practices when it comes to ransomware, or worse, do not feel confident to handle attacks efficiently," said Rick Langston, lead product manager from AT&T Cybersecurity.

"Companies not only have to mitigate ransomware by having a solid security programme that uses protection tools to close down all possible attack vectors, but also have back-ups that are separate from the network in case the worst happens," he added.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Regardless of how prolific ransomware has become in the past few years - UK businesses saw a 195% increase in ransomware attacks this year - it's still eclipsed by other threats in terms of what's worrying security professionals.

Of the five most troubling threats faced by businesses, ransomware was at the bottom of the list. Nation-state attackers, insider threats, phishing and DDoS attacks were all more troubling to security professionals than the attack vector plaguing UK businesses.

It's not just the UK that's seen a proliferation of ransomware in the past year; myriad US towns and cities have succumbed to ransomware attacks in recent months - most of which seem to be small towns and government departments.

Most recently, 22 Texan towns and their government departments were hit by a coordinated ransomware attack, with one mayor confirming that the attacker used 'island hopping' to bring down his city's IT systems.

Advertisement - Article continues below

Two Floridan towns also made headlines after they were infected in the same week. Together they paid over $1 million in ransom demands to clear their IT systems of the infection - a practice which is highly disadvised in the industry.

Although paying a ransom can be the fastest way to regain control of systems, it can invite further attacks as it signals the victim is willing to pay.

There's also no guarantee that the attacker will rid the victim of the infection even after paying up either. During the NotPetya ransomware attacks in early 2018, researchers discovered that not only were the attacker's digital wallets misconfigured, but their email account had been shutdown, meaning that it was unlikely that any payments would reach their destination.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/security/29204/how-can-you-protect-your-business-from-crypto-ransomware
Security

How can you protect your business from crypto-ransomware?

4 Nov 2019
Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/security/cyber-attacks/356417/trump-confirms-cyber-attacks-on-russia-election-trolls
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020