CIO Influence
CIO Influence News Cloud Security

Prison Sentences Called for, and Organizations Should Say ‘No’ to Ransom Demands, Say Three Quarters

Prison Sentences Called for, and Organizations Should Say 'No' to Ransom Demands, Say Three Quarters
New research highlights a growing reluctance to pay ransomware demands

Organizations hit by ransomware should not pay the ransom according to 79 percent of respondents to an online poll run by Menlo Security, a leader in cloud security. To better understand concerns about recent ransomware attacks, Menlo Security conducted a global poll on responses and reactions to ransomware attacks.

Recommended ITech News: Pure Storage Identified As Leader In Kubernetes Storage By Two GigaOm Radar Reports

Although a fifth (20 percent) of respondents believe that they should pay the demands, respondents also think that tougher penalties should be given to criminals who steal company data and extort organizations, with more than two thirds (69 percent) demanding prison sentences. Just seven percent of respondents believe that a large fine or community work would be an adequate penalty; however, 16 percent admit that the attackers will probably never be caught.

What’s clear is that ransomware is a significantly growing cost to business. Recent data from Cybersecurity Ventures shows that in 2021, global losses from ransomware attacks are expected to exceed $20 billion, and by 2031 that figure may be as much as $265 billion. This follows recent high-profile attacks that led to Colonial Pipeline in the U.S. paying over $4 million in Bitcoin to cyber criminals, and Travelex paying $2.3 million to regain control after hackers shut down its financial transaction networks. Such is the severity of the situation that six out of ten respondents think that ransomware attacks should be treated the same as terrorist attacks.

Recommended ITech News: TUTK And OTUS Announce Partnership For Telematics Video Solution

As the number of ransomware attacks against critical infrastructure organizations including transportation, healthcare and energy increase, responsibility for their protection should fall firmly at the feet of the government, say 55 percent of poll respondents. Nearly a quarter (23 percent) point to organizations to be more accountable, while 12 percent believe it rests with the cybersecurity industry as a whole.

Ransomware attacks increased by more than 130% in 2020 according to The Beazley Group. While small-to-midsize businesses were at the largest risk, ransom demands regularly hit seven or even eight figures. The highest ransom a company paid out for its clients in 2018 was over $930,000. The White House, The UK Home Office, law enforcement agencies and cybersecurity experts have all advised against paying ransom demands because it signals to ransomware gangs that their extortion schemes are working.

Recommended ITech News:  Apricorn Releases 20TB Aegis Fortress L3 SSD, Industry’s Largest Portable, Hardware-Encrypted Drive

“Ransomware isn’t going away any time soon and with the rise of ransomware as a service it’s an increasingly easy way for cyber criminals to launch a profitable attack. It’s time for governments, organizations and individuals to take a stand. If companies continue to pay ransom demands, then these criminal groups will continue to see the technique as an easy way to make massive monetary gains,” said Mark Guntrip, senior director, cybersecurity strategy, Menlo Security.

“To combat this increasingly complex cyber attack vector, a new approach is clearly needed. It’s time to discard the outdated approach of detect and remediate and rethink how you protect users, applications, data and the business from these attacks from the outset. A proactive, isolation-powered approach to eliminating malware from reaching end users in the first place is a critical component to solving the ransomware problem, minimizing the impact on the business, without disrupting the way people work,” Guntrip added.

Recommended ITech News: Accela Announces Dennis W. Alpert as New Head of Government Affairs

Related posts

UL Launches New SafeCyber Solution and Platform Features to Address Mounting Security Threats

Deep Instinct Further Shields Businesses Against Cyberattacks As Ransomware Attacks

CompTIA ISAO Adds Real-time Cybersecurity Threat Analysis and Intelligence Resources from Sophos

CIO Influence News Desk

Leave a Comment