UK businesses appear to be over-hastily paying up when confronted with what appears to be crypto-ransomware, according to new data released from Citrix.
The firm polled 500 IT decision makers in firms with 250 or more employees and revealed that nearly 40% had experienced a “bluff” ransomware attack – that is a scam in which the black hat claims to have encrypted the victim’s data but in reality is simply using social engineering to force payment.
What’s more, 60% claimed to have paid up on demand, with the average sum a little over £13,400.
However, survey company OnePoll was unable to confirm to Infosecurity exactly how those duped by the “bluff” ransomware attacks were subsequently able to identify that they’d been scammed “because that isn’t a question that we asked them.”
It’s possible that third party experts were able to confirm this after the event: over half (57%) of affected UK businesses shared that information with the police, 59% with organiZations like the National Cyber Security Centre, and 45% with cybersecurity initiatives like No More Ransom.
Just 24% of affected firms shared this information with customers, partners and suppliers.
“This research leaves a worrying impression that organizations may be treating ransomware as a cost of doing business – just like shrinkage and fraud in some sectors. Yet this mentality may be resulting in British businesses paying out when it is not necessary, while simultaneously supporting cyber-criminal activity,” argued Citrix chief security architect, Chris Mayers.
“Whether they pay the ransom or not, sharing information on the ‘bluff’ attack is key to ensuring that other organiZations do not fall victim to the same scam.”
He added that telling the real from the bluff can be technically challenging, especially as cyber-criminals will often try to scare the victim so they don’t try to bypass the warning screen, for example by saying their files will be deleted if they try to reboot.