New research from endpoint security vendor Cybereason examined the short- and long-term effects of ransomware in a survey of 1,263 infosec professionals from the U.S., United Kingdom, Spain, Germany, France, United Arab Emirates and Singapore. One of the most significant findings was that 80% of organizations that paid a ransom demand experienced a second attack.
To make matters worse, of those who experienced a repeat ransomware attack, nearly half believed it was at the hands of the same attackers, while 34% thought the second attack was perpetrated by a different set of threat actors.
Additionally, payment does not guarantee that operations will go back to normal. Of those surveyed, 46% regained access to their data, but some or all of it was corrupted. And 25% of respondents said a ransomware attack led to their organization closing down.
Cybereason asked respondents who had suffered a ransomware attack in the last 24 months what technologies they had invested in to protect their networks from future events. The top five approaches cited were security training awareness, security operations center, endpoint protection, data backup and recovery, and email scanning.