This article is more than 1 year old

Less than half of paying ransomware targets get their files back

Shock revelation: criminals prove to be untrustworthy

Paying off a ransomware demand is a great way to end up losing both your money and your files.

This according a study from security company CyberEdge, which found that for those hit by a ransomware infection the best bet is probably to just restore from a backup. The survey, based on a poll of information security professionals, found that less than half of those who pay a ransom demand end up getting their data back.

The report says that 55 per cent of the people it surveyed reported a malware infection hitting their systems in 2017. Spain had the highest rate, with 80 per cent of respondents reporting malware, followed by companies in China (74 per cent) and Mexico (71.9 per cent.) In the US, 53.8 per cent of respondents were hit by ransomware, while slightly under half of those in the UK, 49.5 per cent, were hit.

Overall, 72.4 per cent of those who were infected with ransomware were able to get their data back. Most of those, however, were companies that simply ignored the ransom demands, then restored their systems with uninfected backup copies. The study found that 86.9 per cent of those who refused to pay the demand ended up recovering their data.

Of those who caved to the demand and paid the ransom, 49.4 per cent said they could recover their data, while 50.6 ended up losing it anyway. The not-so-shocking conclusion is that criminals don't always stay true to their word.

"It's like flipping a coin twice consecutively – once to determine if your organization will be victimized by ransomware, and then, if you decide to pay the ransom, flip it again to determine if you'll get your data back," CyberEdge says.

"The clear lesson here is the critical importance of maintaining up-to-date offline backups."

There is some good news to be had in the report, at least. CyberEdge notes that, for the first time in the five years it has been doing the annual report, the number of respondents reporting at least one attack was down (from 79.2 per cent to 77.2) and the number of companies that were frequently attacked, more than six times in a year, was also down.

"Perhaps this is more evidence that IT security has finally stopped the bleeding of rising cyberattacks," CyberEdge says.

We can only hope so. ®

More about


Send us news

Other stories you might like