Not Paying Ransom Cost Organizations More Than Paying

Share post:

In 2021, 80% of critical infrastructure organizations reported a ransomware attack.

60% of the affected organizations paid the ransom (76% from the U.S.). In more than half of the cases, the ransom exceeds $500,000.

Although 28% experienced a “substantial impact to operations” despite the payment of the ransom, the consequences of non-payment of a ransom sum are devastating and many organizations will choose to pay to avoid such.

One of these consequences is the loss of hourly earnings, which are greater than the ransom demanded.

The report by cyber-physical security firm Claroty sheds light on the ongoing war between cybercriminals and organizations, showing that the war is somehow tilting in favor of cybercriminals.

Operating technology (OT) networks and hardware make a significant contribution to a cyber attack. COVID-19 fast-tracked digital transformation, which led to improved connectivity between IT and OT networks. Since OT networks and the hardware that lives on them are not always designed to connect to the internet, systems are exposed to direct attacks.

“Changes to OT/ICS environments also introduce risk by creating additional vectors for attackers. Results have played out in the headlines and spurred renewed warnings by the government on the risk of connecting industrial networks to IT networks and the need for a heightened state of awareness and controls,” Claroty’s report explained.

For more information, read the original story in TechRepublic.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for Friday, December 1, 2023

This episode features a discussion on ransomware, the latest explanation from Okta of a support hack and a survey of infosec pros whose firms w

Cyber Security Today, Dec. 1, 2023 podcast – More on compromises

This episode reports on the sanctioning of the Sinbad crypto mixe

All Okta customer support users had their email addresses copied

Identity and access provider Okta now says the threat actor who accessed its customer help desk system last month got the names and email addresses of all contacts of organizations that use its support system. Originally, the company said that, after an investigation, it determined only one per cent of the contacts from its 18,000

Failure of technology to detect attacks is a prime cause of breaches: Survey

Despite the money being poured into cybersecurity by IT departments, the leading cause of breaches of security controls was the failure of technology to detect an attack, a new survey from Trellix suggests. Forty-two per cent of respondents to the international survey of infosec leaders whose organization had suffered a recent cyber attack said their

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways