A survey by IBM Security found that a shockingly high number of companies not only fall victim to ransomware but also agree to pay very high ransoms. The researchers surveyed 600 businesses and over 1,000 consumers across the US and found that as many as 46 percent of the respondents had fallen victim to ransomware, a figure that seems extremely high to me.
Furthermore, IBM claims a whopping 70 percent of those infected by ransomware admitted to paying the ransom. And we're not talking about tiny sums of money here, 11 percent of businesses said they paid between $10,000 and $20,000, around 26 percent responded they paid between $20,000 and $40,000 and another 20 percent confessed they paid over $40,000 to the cybercriminals. This is usually done via cryptocurrencies like Bitcoin so it's extremely hard if not impossible to figure out where the money is going to.
While many companies hope that paying the ransom will solve the problem, The Inquirer warns this is not a good idea as a quarter of businesses that pay do not receive their data back:
The IBM report comes in a year in which several organisations in the UK have publicly admitted to having been subjected, including both the local authority in Lincolnshire, and one of the county's NHS trusts.
However, in many cases, even paying up doesn't solve the problem, warned Andrew Stuart, managing director of backup and disaster recovery vendor Datto.
"We would advise businesses not to pay, as our own research has shown that a quarter of businesses do not receive their data even after payment," said Stuart.