Companies hit by ransomware often targeted again, research says

Ransomware is a form of cyber attack which locks files and data on a user’s computer and demands payment in order for them to be released back to the owner and has been used as part of a number of high-profile cyber attacks in recent years

Our report shows that investing in building robust cyber defences and preparing an effective response for an attack are more effective than paying cybercriminals

According to the Hiscox report, 43% of the businesses who paid a ransom saying they still had to rebuild their systems.

While 29% said that despite making the payment their stolen data was still leaked.

A further 26% said a ransomware attack had had a significant financial impact on their business.

The report was based on a survey of more than 5,000 organisations across eight countries, including the UK and Ireland.

Gareth Wharton, Hiscox Cyber chief executive, said: “Ransomware is still the most prevalent and damaging form of cyber attack and it is not uncommon for a company to be hit multiple times.

“Even if a business owner makes the decision to pay the ransom, often they cannot fully restore their systems or prevent a data breach.

“That is why it is vital that businesses take the necessary steps to protect their data and systems against a cyber attack; making it harder for cyber criminals to gain entry to their systems by keeping software up-to-date, running regular in-house training, and frequently backing-up data.

“Our report shows that investing in building robust cyber defences and preparing an effective response for an attack are more effective than paying cybercriminals.

“It is revealing that more than a quarter of businesses we surveyed paid a ransom in the hope of recovering their data because they did not have any back-ups when regular and robust back-up processes can be one of the most effective ways of mitigating the impact of a ransomware attack.”