The year 2020 was a great time for ransomware gangs as it led to massive growth in their illicit revenues. Now, well into 2021, ransomware operators have adopted various extortion tactics to make their victims pay up. But it's important to take a look at the effects when victims decide to pay or not pay ransoms.
Some stats your way
Although 32% of organizations paid a ransom this year, compared to 26% last year, only 8% of them got back all their data.
The average recovery cost from a ransomware attack has reached $1.85 million in 2021 from $761,106 in 2020, with the average ransom paid being $170,404.
The most common payment was $10,000 and the highest-paid ransom was $3.2 million. Ten firms paid a ransom of $1 million or more.
On average, organizations that paid the ransom only got 65% of their data back, leaving the rest inaccessible.
The harsh truth
The statistics above all point to the same conclusion: paying the ransom doesn’t guarantee that you will get your data back.
Despite organizations opting to pay the ransom due to various extortion tactics, only a minority got back all their data.
Using decryptors to recover encrypted data is often not a smooth process.
Success is not guaranteed. Hastily or poorly compiled code can make recovery complicated, if not impossible.
Ultimately, ransomware operators cannot be trusted to fulfill their promises even after the ransom is paid.
Paying the ransom? What to expect?
If an organization decides to pay the ransom, there’s no guarantee that the attackers will keep their end of the bargain. Thus, this is what you can expect:
Assume that your data will not be permanently deleted and might even be sold to other threat actors or held for future extortion attempts.
The stolen data might be leaked before the victim even responds to the extortion attempt.
The bottom line
From all the data presented above, it can be concluded that paying the ransom doesn’t pay off. Paying the ransom is an ineffective way to get back your stolen data. If you do decide to pay, do not expect to get all your data back. The best way to avoid such a situation is to stop an attack from turning into a full-fledged breach by having a ransomware recovery plan.