Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

4/25/2019
03:15 PM
50%
50%

55% of SMBs Would Pay Up Post-Ransomware Attack

The number gets even higher among larger SMBs.

Security experts typically advise against paying for stolen data after ransomware attacks, but 55% of executives at small to midsize businesses say they would do exactly that.

The number jumps to 74% among larger SMBs with 150 to 250 employees, as stated in the AppRiver Cyberthreat Index for Business Survey. Nearly 40% went so far as to say they "definitely" would pay the ransom, at almost any price, to prevent leakage or loss of data.

Some respondents said the opposite. Forty-five percent of SMB leaders polled said they would not give in to attackers regardless of the ransom. Some SMBs in the legal services and nonprofit sector seem willing to pay ransom in exchange for stolen data, with 67% and 60%, respectively, saying they wouldn't work with cybercriminals regardless of the ransom amount or data value.

Separate research shows attackers are getting greedier with ransom demands: The average ransom amount paid by victims in cases handled by Coverware jumped 89%, from $6,733 in the fourth quarter of 2018 to $12,762 in the first quarter of 2019. Still, companies willing to pay generally get their data back: In 96% of cases, paying victims received a decryption key.

Security pros advise businesses to implement stronger data protection practices, update their systems, conduct regular backups, and educate their users on ransomware tactics instead of putting funds aside to prepare for a ransomware attack.

Read more details here.

 

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2019 | 4:16:44 PM
Re: Unbelieveable
But I guess companies are still waiting to be burnt by the stove unfortunately. This makes sense. I think it identifies the major problem we face. No action unless got hit.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2019 | 4:14:32 PM
Re: Unbelieveable
t's amazing how much headache you can forgo if you have a DR plan. Sometime a DR plan may not save us. You should be able to get data back, historical data may be encrypted too.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2019 | 4:12:47 PM
Re: Unbelieveable
I saved a museum I supported by HAVING a good plan and using it so that within 3 hours 98% of everything was back. That is good. Everybody needs a backup plant that goes against a ransomware attack. They should be able to go back as much past as needed.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2019 | 4:10:24 PM
Re: Unbelieveable
Proof positive that small business IT lacks the brains to come up with a good disaster recovery plan. This makes very good sense. If they do not have a backup to go then they loose data and that is a bigger problem.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
4/28/2019 | 4:08:43 PM
Anternative?
Security experts typically advise against paying for stolen data after ransomware attacks, but 55% of executives at small to midsize businesses say they would do exactly that. That may be because they do not have an alternative?
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
4/26/2019 | 9:52:54 AM
Re: Unbelieveable
About 18 years ago on a lovely September morning, my data center crashed 103 floors along with the building and I was lucky to get down from the 101st floor. South tower.  So I am big into disaster recovery.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
4/26/2019 | 9:26:56 AM
Re: Unbelieveable
Agree. It's amazing how much headache you can forgo if you have a DR plan. It still amazes me that this solution has been evident for so long and still many are resistant to implement. It has more than just security benefits but data preservation benefits as you have pointed out. 

But I guess companies are still waiting to be burnt by the stove unfortunately.
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
4/25/2019 | 3:36:26 PM
Unbelieveable
Proof positive that small business IT lacks the brains to come up with a good disaster recovery plan.  What if a server itself crashes --- then all data is "encrypted" really good on a dead drive or system.  So WHO would you pay to restore that?  I saved a museum I supported by HAVING a good plan and using it so that within 3 hours 98% of everything was back.  I mean - COME ON, GET WITH THE PROGRAM.   There is way too much of this and everytime a ransomware story comes up---- PAY and that solves the issue  Incredible.  
10 Ways to Keep a Rogue RasPi From Wrecking Your Network
Curtis Franklin Jr., Senior Editor at Dark Reading,  7/10/2019
The Security of Cloud Applications
Hillel Solow, CTO and Co-founder, Protego,  7/11/2019
Where Businesses Waste Endpoint Security Budgets
Kelly Sheridan, Staff Editor, Dark Reading,  7/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Jim, stop pretending you're drowning in tickets."
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-13623
PUBLISHED: 2019-07-17
In NSA Ghidra through 9.0.4, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis r...
CVE-2019-13624
PUBLISHED: 2019-07-17
In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/YangWebResource.java mishandles backquote characters within strings that can be used in a shell command.
CVE-2019-13625
PUBLISHED: 2019-07-17
NSA Ghidra before 9.0.1 allows XXE when a project is opened or restored, or a tool is imported, as demonstrated by a project.prp file.
CVE-2019-3571
PUBLISHED: 2019-07-16
An input validation issue affected WhatsApp Desktop versions prior to 0.3.3793 which allows malicious clients to send files to users that would be displayed with a wrong extension.
CVE-2019-6160
PUBLISHED: 2019-07-16
A vulnerability in various versions of Iomega and LenovoEMC NAS products could allow an unauthenticated user to access files on NAS shares via the API.