Ransomware: Most businesses would pay up and shut up, claims IBM

What do the ransomware makers see in the $1bn per year business?

More than two-thirds of businesses affected by ransomware would pay-up, rather than go through the aggravation of removing computers from the network, wiping their storage devices and restoring from back-ups - if they have been diligent in backing up, that is.

That is the conclusion of a report by IBM Security, which surveyed 600 businesses and more than 1,000 consumers across the US. It follows a quadrupling of ransomware attacks during 2016 as attackers take advantage of bitcoin as an anonymous, global payments mechanism.

The report suggested that as many as 46 per cent of the respondents had been affected by ransomware, and that 70 per cent of these had admitted to paying the ransom, contrary to the advice of law enforcement agencies.

Furthermore, among the organisations that admitted to paying a ransom, most paid-up five-figure sums - an indication of just how profitable ransomware has become for its creators. According to the report, 11 per cent paid between $10,000 and $20,000, one-fifth paid more than $40,000, and one-quarter admitted to paying between $20,000 and $40,000.

The FBI estimates that more than $209m was paid in ransomware payments in the first quarter of the year, and the law-enforcement agency believes that the rate of growth is so high that the figure will top $1bn for the year.

The IBM report comes in a year in which several organisations in the UK have publicly admitted to having been subjected, including both the local authority in Lincolnshire, and one of the county's NHS trusts.

However, in many cases, even paying up doesn't solve the problem, warned Andrew Stuart, managing director of backup and disaster recovery vendor Datto. "We would advise businesses not to pay, as our own research has shown that a quarter of businesses do not receive their data even after payment," said Stuart.

"A blended security approach is what businesses need - educate your users, update all software to the latest patched versions, install a decent AV, and most importantly ensure you have backups in place," he added.