According to a new report, more than a third of businesses that paid ransom to cybercriminals after being hit by a ransomware attack have been targeted a second time.
The Hiscox Cyber Readiness report found that 36% of businesses that made the ransom payment were again affected, while 41% that paid did not recover all of their data.
The head of the UK’s National Cyber Security Centre (NCSC), Lindy Cameron, said last year that ransomware attacks were the “most immediate danger” to the UK and urged businesses to take more steps to protect themselves and their data.
The NCSC urges companies not to pay ransoms as this not only helps fund other crimes, but offers no guarantee that criminals will return stolen or locked data.
Ransomware is a form of cyberattack that locks files and data on a user’s computer and demands payment for them to be returned to the owner. It has been used in a number of high-profile cyberattacks in recent years, including the 2017 attack on the NHS.
The Hiscox report appears to confirm the NCSC’s warnings, with 43% of companies that paid a ransom saying they still had to rebuild their systems.
A further 29% said that, despite paying, their stolen data was still leaked.
Another 26% said a ransomware attack had a significant financial impact on their business.
The report was based on a survey of over 5,000 organizations in eight countries, including the UK and Ireland.
Gareth Wharton, Managing Director of Hiscox Cyber, said: “Ransomware remains the most widespread and damaging form of cyberattack and it is not uncommon for a business to be hit multiple times.
“Even if a business owner makes the decision to pay the ransom, they are often unable to fully restore their systems or prevent a data breach.
“That’s why it’s vital that businesses take the necessary steps to protect their data and systems from a cyberattack, making it harder for cybercriminals to gain access to their systems by keeping software up-to-date, conducting regular internal training, and backing up data frequently.
“Our report shows that investing in building robust cyber defenses and preparing an effective response to an attack is more effective than paying cybercriminals.
“It is telling that more than a quarter of the companies we surveyed paid a ransom in the hope of recovering their data because they had no backups, when regular and robust backup processes can be one of the most effective ways to mitigate the impact of a ransomware attack.”