UK firms are paying some of the highest ransoms globally

British companies see Russia as a bigger threat than China

UK businesses are among the least likely to pay ransoms to cyber criminals, but when they do, they pay more than their peers in other parts of the world.

That's according to the 2020 CrowdStrike Global Security Attitude Survey, released on Tuesday, which surveyed 2,200 senior IT leaders from 12 countries - France, Germany, Italy, the Netherlands, Spain, the UK, Japan, India, Singapore, Australia, the Middle East and the USA - in August and September this year. Sectors varied from manufacturing and IT to finance, transportation and healthcare.

The study revealed that 39 per cent of UK organisations have fallen victim to a ransomware attack in the last 12 months. Of those firms, only 13 per cent chose to pay the ransom - less than half of the global average of 27 per cent.

However, UK businesses paid an average ransom of approximately £940,000 ($1.2 million) - higher than the global average of $1.1 million. It was also higher than the ransoms paid in many European countries, including Germany ($1.1 million), France ($745,000) and Italy ($400,000).

Earlier this year, US cyber security firm Emsisoft said that British firms were hit by nearly 5,000 ransomware attacks in 2019, forcing them to pay nearly £210 million in ransoms. The UK was sixth on the list of high-value countries for cyber criminals, with the USA, in first place, paying $1.3 billion.

The average time for UK organisations to identify an intruder has increased, according to CrowdStrike, from 39 hours in 2019 to 61 hours in 2020, giving attackers a much larger window in which to access confidential information.

More than half (56 per cent) of global respondents said that their firm had suffered at least one ransomware attack in the last 12 months. Furthermore, 71 per cent of respondents said they were more worried about ransomware attacks due to the ongoing coronavirus pandemic.

The survey also indicates that nation-state operations continue to weigh heavily on IT decision makers. Eighty-seven per cent of the participants said that state-sponsored attacks have become far more common than people think.

While most participants globally (58 per cent) consider China to be the biggest nation-state threat, for European firms there is more of a balance. Across EMEA, 49 per cent of respondents thought that an attack was more likely to come from China and 45 per cent from Russia - but more than half (51 per cent) of British firms point to Russia as the biggest threat.

"The stream of high-profile ransomware attacks on UK businesses in the last 12 months - along with growing vulnerabilities caused by the lingering pandemic and geopolitical tensions - should encourage all businesses to continue to focus on their cybersecurity," said Zeki Turedi, Chief Technology Officer EMEA at CrowdStrike.

"In a remote working situation the attack surface has increased many times and security cannot be a secondary business priority."

"Security is not only for the business, it's for the business's ecosystem."

In March, the UK government's fifth Cyber Security Breaches Survey 2020 indicated that CEOs and other senior managers have woken up to the existential threat posed by cyber attacks, with 80 per cent of business respondents claiming that cyber security is a high priority for senior management; a figure rising to more than 90 per cent in major businesses.