Most businesses face a second ransomware attack after paying the first ransom payment.

Some 80% of businesses that choose to pay to retrieve access to their encrypted computer systems encounter a subsequent ransomware attack, with 46% of business owners believing it to be caused by the same attackers.

The bulk of businesses that elect to pay the ransom to regain access to their encrypted files experience a subsequent ransomware attack. Almost half of those that pay up, say some or all their data recovered remained corrupted according to a Cybereason survey released Wednesday 16-June-2021. 

Conducted by Censuswide, the study surveyed 1,263 security professionals in seven markets worldwide, including 100 in Singapore, Germany, France, the US, and UK. 

Worldwide just 51% retrieved their encrypted files without any data loss, while 3% said they did not regain access to any encrypted data.

Ransomware attacks were projected to cost $265 billion worldwide by 2031, with one cyberattack impacting businesses and consumers every few seconds, according to Cybersecurity Ventures. 

This year, such attacks were calculated to cost USD $20 billion, up 57-fold from 2015. 

Check Point Research also reported Wednesday that the average number of ransomware attacks worldwide climbed 20% in the last two months, 41% over the last six months, and 93% in the past year. 

A Veritas survey last November showed that 78% of businesses in Singapore and 88% in Australia had paid up ransoms in full or in part, after falling victim to such cyberattacks. I

Cybersecurity vendors mainly recommend organisations against paying up after experiencing ransomware attacks, advocating preferably that businesses adopt a data protection and recovery strategy

Cybercriminals have been known to launch “double extortion” malware attacks, in which hackers moved beyond encrypting data to exfiltrate sensitive data and intellectual property. They then would threaten to expose or sell the stolen data if their ransom demands were not met. 

In summary, make sure your business has a comprehensive cybersecurity plan in place for all devices on your network including routers, phone systems, printers, IoT devices, laptops, workstations NAS backups and servers.

Full article here