In recent years, there has been a surge in reports of both public and private businesses making ransom payments to hackers responsible for deploying malware, particularly ransomware. However, there are some lesser-known facts that could be of interest to those curious about the outcomes following these payments.
According to a recent survey by Hiscox Group, a Bermuda-based insurance provider, a shockingly low 7% of victims who pay ransomware demands successfully retrieve their data from encryption. The majority of victims either lose significant portions of their data or are forced to rely on backups for recovery.
This trend arises from the fact that many cybercriminals do not honor their agreements after receiving ransom payments. As a result, ransomware actors are increasingly reluctant to reestablish access for victims, fearing that further interaction could bring them under the scrutiny of law enforcement.
Hiscox is widely known for its niche insurance offerings, including coverage for classic cars, kidnap and ransom, and personal accidents, in addition to the typical insurance products available from other providers.
Cybersecurity researchers argue that businesses are often coerced into meeting hackers’ ransom demands in an effort to minimize operational downtime, protect their reputations, and mitigate potential risks. Unfortunately, this approach inadvertently emboldens cybercriminals, giving them greater leverage to continue their attacks and spread ransomware to other entities.
This situation has led some experts to suggest that insurance companies should revise their policies. Specifically, they advocate for a clause that prohibits paying ransom demands. Instead, victims should be required to report these attacks to authorities. Such a policy could contribute to a more effective crackdown on ransomware operations, limiting their expansion and reducing the threat to other organizations across various industries.
In a related update, the Synnovis ransomware attack, which targeted a pathology technology provider serving the National Health Service (NHS) in London, highlights the severe consequences of these types of cyberattacks. The malware infection caused significant disruption, leading to the postponement of over 10,000 appointments related to acute outpatient care. Additionally, 1,700 elective procedures at King’s College Hospital NHS Foundation Trust and Guy’s & St Thomas NHS Foundation Trust were delayed.
The fallout from the attack included direct harm to patients, with two reported cases of severe harm, five cases of moderate harm, and 114 instances of low harm. This incident serves as a stark reminder of the potential for ransomware to not only disrupt operations but also endanger lives, underscoring the urgent need for enhanced cybersecurity measures and coordinated responses to such attacks.
Ad
Join over 500,000 cybersecurity professionals in our LinkedIn group “Information Security Community”!