Content, Content, Ransomware

Ransomware Payments Trigger Repeat Cyberattacks, Cybereason Research Finds


Eight in 10 organizations hit by a ransomware attack that elected to pay a ransom demand were attacked a second time, often by the same cyber crew, a global study of some 1,300 security professionals found.

Two-thirds of the companies in Cybereason’s newly released report, Ransomware: The True Cost to Business, suffered significant financial losses from a cyber extortion attack irrespective of the organization’s size or industry, ranging from 50 percent in the legal segment to 75 percent in government. In terms of layoffs, public sector agencies appear to be insulated from workforce reductions following a ransomware event. But on the flip side, 50 percent of legal firms were forced to layoff some employees as a result of a cyber kidnapping event.

By and large, many of those organizations that paid the ransom believed that they would recover their data intact by doing so. However, nearly half (46%) that regained access to their systems got back tainted data. The findings, Cybereason said, further emphasize what security providers and federal law enforcement have advised for a while: It does not pay to pay ransomware attackers. To back its claim, Cybereason followed the money to uncover why:

  • 66 percent of organizations lost revenue following a ransomware attack.
  • 35 percent of businesses that paid a ransom demand shelled out between $350,000-$1.4 million, while 7 percent paid ransoms exceeding $1.4 million.
  • 53 percent of organizations’ brand and reputation were damaged in a successful attack.
  • 32 percent of organizations lost C-Level talent as a direct result of ransomware attacks.
  • 29 percent laid off employees due to financial pressures following a ransomware attack.
  • 26 percent of organizations were forced to close down operations entirely following a ransomware attack.

Instead of coughing up hundreds of thousands to millions of dollars, ransomware victims should instead rely on early detection and prevention solutions before critical systems and data are compromised by cyber hijackers, the Boston, Massachusetts-based company said.

“Paying a ransom demand does not guarantee a successful recovery, does not prevent the attackers from hitting the victim organization again, and in the end only exacerbates the problem by encouraging more attacks,” said Lior Div, Cybereason chief executive and co-founder.

Security firm Emsisoft's research showed that ransomware victims, including businesses and consumers,  paid a total of $18 billion in ransoms worldwide in 2020, for an 80 percent uplift from the previous year.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.