More than four in five (83%) ransomware victims in the last 12 months felt they had no option but to pay the extortion demand to restore their data, according to a new report by ThycoticCentrify.
The study, which was based on a survey of 300 US IT business decision-makers, also found that close to two-thirds (64%) of companies were victims of ransomware attacks in the last 12 months.
The latest research demonstrates rising ransomware cases and extortion payments since the start of the COVID-19 pandemic. These findings are particularly worrying given so many victim organizations didn't feel like they had any choice other than pay the demand once their data was encrypted, showing how effective this tactic is.
The research further highlighted the substantial damage caused to organizations by ransomware attacks. Half (50%) of respondents said their company had experienced a loss of revenue and reputational damage from an attack, and 42% admitted they lost customers due to an attack. Additionally, around one-third attributed the ransomware attack as the cause for employee layoffs.
The most vulnerable vectors for ransomware attacks are email (53%), applications (41%) and the cloud (38%), according to the IT business decision-makers surveyed.
Encouragingly, there appears to be growing recognition of the need to improve cyber-defenses amid surging ransomware incidents. Nearly three-quarters of respondents have seen their cybersecurity budgets increase due to ransomware threats, while 93% of businesses are allocating a special budget to fight ransomware threats.
Art Gilliland, CEO at ThycoticCentrify, commented: "Our research shows ransomware is a threat to organizations of all sizes and levels of sophistication.
"The first line of defense should be solutions that secure privileged access, including multi-factor authentication (MFA) and other methods of enforcing zero trust, to keep would-be cyber-criminals contained and limit the damage they can inflict."