Every day, more and more companies or individuals are affected by Ransomware attacks.
What is ransomware? Ransomware is a type of malware/program that infects and then takes control of a computer by preventing its users from accessing its data by encrypting the data.
And to be able to open or access the data again, the owner / user of the computer is asked to pay a sum of money to the sender of the ransomware.
Many victims finally decide to pay the ransom, in the hope that they can access their data again.
However, is it true that by paying the ransom, we can then regain access to our data?
Based on a survey conducted by Venafi – a company engaged in cybersecurity (1), several surprising things were revealed:
- 83% of successful ransomware attacks, subsequently experienced extortion 2 to 3 times.
- 71% of people in charge of IT decision-making see that this ransomware practice has become more intense over the past 12 years.
There are several tactics used by ransomware to extort companies:
- 38% threatened to blackmail enterprise customers with stolen customer data
- 35% threatened to expose company data on the dark web
- 32% threatened to tell enterprise customers that their data had been stolen.
Regardless of what tactics ransomware uses to carry out extortion, the most worrying part is that even though the company has paid the ransom their data is still exposed.
- 16% of companies that refuse to pay the ransom have their data exposed on the dark web.
- 18% of companies willing to pay the ransom have their data exposed on the dark web.
- What’s worse, 35% of the companies that paid the ransom still couldn’t get their data back.
From these facts, it can be concluded that paying the ransom for ransomware is not necessarily helpful and can actually exacerbate ransomware attacks.
Therefore, it is highly recommended to continue to have protection on every PC/Notebook that is used, on the network infrastructure, and provide understanding or remind all users to be careful when using a computer. Whether it’s when transferring data such as using a flash, accessing the internet.
Especially when using email, because in many cases the intruders infiltrated this ransomware via emails that seemed to be sent by company business partners or from banks. So that people/users who don’t understand will immediately click on the link or open the document in the email, which incidentally already contains ransomware.