Security News > 2022 > April > More organizations are paying the ransom. Why?

Most organizations have been hit by ransomware in 2022, and most of those opted for paying the requested ransom, the 2022 Cyberthreat Defense Report by the CyberEdge Group has shown.

The research company says that possible explanations for the steady yearly rise of the percentage of organizations that decided to pay the ransom may include: the threat of exposing exfiltrated data, increased confidence for data recovery, and the fact that many organizations find that paying a ransom is significantly less costly than system downtime, customer disruption, and potential lawsuits.

"Ransomware gangs have noted that when they are conscientious about helping victims recover their data, other victims are more likely to pay ransoms, which increases the profits of the gangs and creates a greater incentive to launch more campaigns," CyberEdge Group noted.

"The most frequent client requests this year included assistance with the ransom 'pay-no pay' decision tree, OFAC compliance, and ransomware playbooks," Ted Kobus, Chair of the Digital Assets and Data Management Group at BakerHostetler, shared.

Recent numbers provided by Palo Alto Networks and Coveware show that the average amount organizations pay to get their data back has risen considerably: Coveware says $322,168 and PAN says $541,010.

Payments for a decryptor are more expensive than only paying to prevent disclosure.

News URL

https://www.helpnetsecurity.com/2022/04/11/organizations-paying-ransom/