Ransomware attackers often strike targets twice, regardless of whether the ransom was paid.
Paying ransomware attackers doesn’t pay off and often paints a bigger target on a victim’s back. Eighty percent of ransomware victims that paid their attackers were hit a second time by the malware scourge.
New ransomware numbers come from a Cybereason’s April ransomware survey of 1,456 cybersecurity professionals. According to the gated report (registration required), victims that were successfully extorted were not only targeted a second time, but frequently data encrypted by criminals later became unusable during the decryption process because of corruption issues.
“The fact that ransomware gangs strike so quickly a second and third time isn’t surprising, because they will try to profit in any possible way,” wrote Bill Keeler, senior director of global public relations at Cybereason, in a written exchange with Threatpost. “Why not hit the same company, demand a higher ransom, and get paid?” The report confirms not just the rise in ransomware incidents, something the recent Verizon DBIR documents explicitly, but a worrying new trend. That trend is threat actors going beyond double and triple-extortion attacks and opening a new ransomware threat dynamic.
The Perils of Paying