CYBERATTACKS - The Ransomware Dilemma

The ransomware business is booming: In the United States alone, this form of cyberattack increased in frequency by 200% between 2019 and 2021. It’s an urgent threat, but too many leaders are caught flat-footed when it happens to them. Ransomware is malicious software that uses encryption to prevent access to data on the infected machine, effectively paralyzing the computer system. The culprits behind the attack then demand payment in exchange for decrypting the files and restoring access to the infected systems. The tactic dates to the 1980s, but it became a prominent threat to businesses after 2010 with the rise of cryptocurrency, criminals’ preferred mode of payment.

It’s a threat riddled with uncertainties, which makes planning a response difficult. Many organizations just want to find the quickest way out, and that often means paying the ransom, even though the financial burden may be considerable and the outcome far from certain. In a recent study of 300 companies, 64% revealed that they had experienced a ransomware attack within the previous 12 months, and a staggering 83% of those paid the ransom. On average, only 8% of organizations that paid up recovered all of their data, while 63% got about half of it back.

Some organizations receive a demand for a second (and perhaps even higher) ransom, despite having paid the first one on time, but the worst-case scenario is when the victim pays but either never receives the decryption key or it doesn’t work as intended.1

Organizations that decide not to pay also bear costs in terms of business downtime and lost revenues. And organizations that are caught unprepared, without a reliable backup system or an incident response plan, end up suffering the most — not only financially but also reputationally.