CybersecurityCybersecurity

Paying ransom twice more costly than data recovery expenses

According to the survey conducted by cybersecurity firm Sophos, the average global cost of addressing the impact of a ransomware attack stands at $730,000, which is exclusive of business downtime, lost orders, operational costs, and other recovery expenses.

However, if organizations choose to pay the ransom instead, it would cost them $1.4 million.

One in three (30%) organizations in the Philippines had experienced a ransomware attack in the previous 12 months. On a global level, data was encrypted in nearly three quarters (73%) of attacks that successfully breached an organization.

Sophos’ “The State of Ransomware 2020” polled 5,000 IT decision-makers in organizations in 26 countries across six continents, including the Americas, Asia-Pacific, Africa, Central Asia, Europe, and the Middle East.


Sophos sees spike in COVID-19, coronavirus email, phishing scams

Sophos looks at PH to develop, hire cybersecurity professionals


“Organizations may feel intense pressure to pay the ransom to avoid damaging downtime,” said Chester Wisniewski, principal research scientist, Sophos. “On the face of it, paying the ransom appears to be an effective way of getting data restored, but this is illusory.”

Unrecovered data

The report discovered that more than half (56%) of all the IT managers surveyed were able to recover their data from backups without paying the ransom. In a very small minority of cases (1%), paying the ransom did not lead to the recovery of data. About 5% of public organizations were unable to recover data even after paying the ransom, while 13% never managed to restore their encrypted data, compared to 6% of all organizations globally.

“Sophos’ findings show that paying the ransom makes little difference to the recovery burden in terms of time and cost. This could be because it is unlikely that a single magical decryption key is all that’s needed to recover,” Wisniewski said. “Often, the attackers may share several keys, and using them to restore data may be a complex and time-consuming affair.”

The survey contradicts the popular belief that hackers are more likely to target the public sector. However, “only 45%” of the organizations surveyed in this category said they were hit by a significant attack in the previous year. It turns out, 60% of those attacked came from the private sector particularly the media, leisure, and entertainment businesses.