Companies hit by ransomware often targeted again, research says

A new study found that more than a third of companies that pay a ransom to cybercriminals are attacked a second time.

More than a third of companies who paid a ransom to cybercriminals after being hit by a ransomware attack went on to be targeted for a second time, according to a new report.

The Hiscox Cyber Readiness Report found that 36% of companies that made the ransom payment were hit again, while 41% who paid failed to recover all of their data.

The head of the UK’s National Cyber Security Centre (NCSC), Lindy Cameron, said last year that ransomware attacks were the “most immediate danger” to the UK and urged companies to take more steps to protect themselves and their data.

The NCSC urges firms not to pay ransoms as it not only helps fund further crime but offers no guarantee that criminals will return the stolen or locked data.

Ransomware is a form of cyber attack which locks files and data on a user’s computer and demands payment in order for them to be released back to the owner and has been used as part of a number of high-profile cyber attacks in recent years, including the 2017 attack on the NHS.

The Hiscox report appeared to back up the NCSC’s warnings, with 43% of the businesses who paid a ransom saying they still had to rebuild their systems.

While 29% said that despite making the payment their stolen data was still leaked.

A further 26% said a ransomware attack had had a significant financial impact on their business.

The report was based on a survey of more than 5,000 organisations across eight countries, including the UK and Ireland.

Gareth Wharton, Hiscox Cyber chief executive, said: “Ransomware is still the most prevalent and damaging form of cyber attack and it is not uncommon for a company to be hit multiple times.

“Even if a business owner makes the decision to pay the ransom, often they cannot fully restore their systems or prevent a data breach.

“That is why it is vital that businesses take the necessary steps to protect their data and systems against a cyber attack; making it harder for cyber criminals to gain entry to their systems by keeping software up-to-date, running regular in-house training, and frequently backing-up data.

“Our report shows that investing in building robust cyber defences and preparing an effective response for an attack are more effective than paying cybercriminals.

“It is revealing that more than a quarter of businesses we surveyed paid a ransom in the hope of recovering their data because they did not have any back-ups when regular and robust back-up processes can be one of the most effective ways of mitigating the impact of a ransomware attack.”