Paying Ransomware Paints Bigger Bullseye on Target’s Back

Ransomware attackers often strike targets twice, regardless of whether the ransom was paid.

Paying ransomware attackers doesn’t pay off and often paints a bigger target on a victim’s back. Eighty percent of ransomware victims that paid their attackers were hit a second time by the malware scourge.

New ransomware numbers come from a Cybereason’s April ransomware survey of 1,456 cybersecurity professionals. According to the gated report (registration required), victims that were successfully extorted were not only targeted a second time, but frequently data encrypted by criminals later became unusable during the decryption process because of corruption issues.

“The fact that ransomware gangs strike so quickly a second and third time isn’t surprising, because they will try to profit in any possible way,” wrote Bill Keeler, senior director of global public relations at Cybereason, in a written exchange with Threatpost. “Why not hit the same company, demand a higher ransom, and get paid?” The report confirms not just the rise in ransomware incidents, something the recent Verizon DBIR documents explicitly, but a worrying new trend. That trend is threat actors going beyond double and triple-extortion attacks and opening a new ransomware threat dynamic.

The Perils of Paying

While the

Read More: