Fallacy: Paying Ransom Guarantees the Return of Data
According to a Sophos poll of 5,400 IT decision-makers around the world, only 8 percent of ransomware victims got all their data back after paying the ransom. Almost a third (29 percent) recovered no more than half of their data. Meanwhile, the cost of remediation — from business downtime, lost orders and operational expenses, among other damage — jumped from an average of $761,106 in 2020 to $1.85 million in 2021.
It’s 10 times more expensive for agencies to remediate an attack than to pay the ransom. That’s why the number of businesses choosing to pay skyrocketed from 26 percent in 2020 to 32 percent in 2021. The highest ransom payment reported was $3.2 million; the average was approximately $170,000.
Fallacy: Backups Make Ransomware Recovery Easy
There is a common misconception that recovering from a ransomware attack is easy if an agency has backups. The reality is that backups can be difficult to restore if they are damaged or encrypted by hackers.
Additionally, backups don’t address secondary forms of disruption. Resolving a ransomware attack isn’t simply about restoring files because that doesn’t fix the vulnerabilities that made the breach possible in the first place. Governments must know how hackers penetrated the network and whether they still have access.
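One practical way to act on the first half of this point, before a restore is attempted, is to verify the backup set against a hash manifest that was written at backup time and kept offline, so an intruder who can reach the backups cannot rewrite the manifest to match. The script below is an added example, not code from the article or from any vendor it cites; the directory layout, file names, hash manifest format and the entropy threshold are assumptions made for the illustration, and the "tampered" scenario is constructed inline. Besides a plain hash mismatch, it reports whether a changed file has lost its archive header or now looks like ciphertext, and it flags files the manifest never listed.

```python
"""Verify a backup set before trusting it for ransomware recovery.

Added example (not from the article). It assumes a directory of backup
files and a manifest of SHA-256 hashes captured at backup time and stored
offline (e.g. write-once media), so an intruder on the network cannot
rewrite it alongside the backups. All names and data are constructed.
"""
import gzip
import hashlib
import json
import math
import tempfile
from pathlib import Path

# Expected leading bytes for the archive formats used in this example.
EXPECTED_MAGIC = {".gz": b"\x1f\x8b", ".zip": b"PK\x03\x04"}
HIGH_ENTROPY = 7.5  # bits per byte; ciphertext sits near 8.0, text well below

def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def shannon_entropy(data: bytes) -> float:
    if not data:
        return 0.0
    n = len(data)
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def build_manifest(backup_dir: Path) -> dict:
    """Hash every file at backup time; the result is what gets stored offline."""
    return {p.name: sha256_file(p) for p in sorted(backup_dir.iterdir()) if p.is_file()}

def classify_mismatch(path: Path) -> str:
    """Say why a file no longer matches its recorded hash."""
    head = path.read_bytes()[:4096]
    magic = EXPECTED_MAGIC.get(path.suffix)
    if magic and not head.startswith(magic):
        return "magic-missing"   # archive header gone: typical of in-place encryption
    if shannon_entropy(head) > HIGH_ENTROPY:
        return "high-entropy"    # plain-format file now looks like ciphertext
    return "modified"

def verify_backup(backup_dir: Path, manifest: dict) -> dict:
    """Return {filename: status}; only files marked 'ok' should be restored."""
    findings = {}
    present = {p.name: p for p in backup_dir.iterdir() if p.is_file()}
    for name, expected in manifest.items():
        p = present.pop(name, None)
        if p is None:
            findings[name] = "missing"
        elif sha256_file(p) == expected:
            findings[name] = "ok"
        else:
            findings[name] = classify_mismatch(p)
    for name in present:         # files the manifest never listed (e.g. a dropped note)
        findings[name] = "unexpected"
    return findings

def demo() -> tuple:
    """Constructed scenario: a clean backup, then the same set after tampering."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = Path(tmp)
        (backup / "db.sql").write_bytes(b"INSERT INTO permits VALUES (1, 'ok');\n" * 200)
        (backup / "files.tar.gz").write_bytes(gzip.compress(b"document contents " * 300))
        manifest = build_manifest(backup)        # would be written to offline media
        clean = verify_backup(backup, manifest)

        # Simulate an intruder overwriting both files with ciphertext-like bytes
        # (deterministic hash output stands in for random data) and adding a note.
        junk = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(256))
        (backup / "db.sql").write_bytes(junk)
        (backup / "files.tar.gz").write_bytes(junk)
        (backup / "README_RESTORE.txt").write_text("constructed placeholder note")
        tampered = verify_backup(backup, manifest)
    return clean, tampered

if __name__ == "__main__":
    for label, result in zip(("clean", "tampered"), demo()):
        print(label, json.dumps(result, indent=2))
```

The manifest is only as trustworthy as its storage: if it sits on the same share as the backups, an intruder who encrypts the backups can regenerate it, and every file will verify as "ok". Keeping it offline, or signing it with a key that never touches the backup host, is what makes the check meaningful.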
Fact: Attackers Launch Ransomware Through Phishing
The shift to remote work during COVID-19 created a new target for cybercriminals: employees using unsecured personal devices on enterprise networks. As agencies quickly moved to work-from-home environments, some security controls were overlooked. Financial services and insurance executives became key targets for ransomware and fraudulent email messages (known as phishing) in the past year, according to Verizon’s 2021 data breach report.