Ransomware: One paid ransom is worth nine more attacks

Hackerato il profilo Twitter del Mite thumbnail

10% of organizations that experience a ransomware attack pay the ransom to cybercriminals and thus finances an average of others nine attacks. The data emerges from “What Decision Makers Need to Know about Ransomware Risk”the latest research Trend Microleader globale di cybersecurity.

Trend Micro: “we need ways to deal with the risk of attack”

“Ransomware is a major cybersecurity threat to businesses and governments today and is constantly evolving, so we need more accurate and data-driven methods to address the risks associated with this type of attack.” he stated Alex Galimi, Sales Engineer of Trend Micro Italy. “This new research is intended to help IT decision makers better understand risk exposure and provide institutional leaders with the information they need to develop more effective defense strategies.”

The study describes threats from strategic, tactical, operational and technical perspectives, as well as leverages advanced data science to list the characteristics of cybercriminals. These characteristics can be used to compare ransomware, assess risk, and model cybercriminal behavior.

hackerHands of hacker on a laptop

Here are the search results

  • The 10% of victims who agree to pay usually do so quickly and generally pay even more
  • Risk varies across geographies, industries, and organization sizes
  • Victims in some sectors and countries pay more often than others, meaning similar organizations are more likely to be targeted
  • Paying a ransom often only results in an increase in the overall cost of the incident, with little other benefit
  • Ransomware activity is at its lowest in January and July-August, making these times potentially favorable for designing and implementing a defense strategy and infrastructure
  • Ransom payments finance an average of nine more attacks

Research reveals that by prioritizing protection, continuing in-depth analysis of ransomware ecosystems, and focusing global efforts on reducing the rate of victims who pay the ransom, organizations and institutions could help reduce the profitability of ransomware. The study data also allows managers to better assess the possible financial risks that arise from ransomware.

This would allow:

  • IT leaders to justify higher budgets for ransomware defense
  • Governments to more accurately budget for recovery services and law enforcement
  • Insurance companies evaluate policies more accurately
  • International organizations to evaluate ransomware more carefully than other global risks

The study was jointly produced by Trend Micro and Waratah.io and applies data science approaches to information gathered on the web and thanks to host-based telemetry, as well as in underground forums, bitcoin sites, financial transactions and chat logs. The research also integrates the analysis of criminal business processes, with the ultimate goal of discovering the new trends and ways of operating of the ransomware ecosystem.