Ransomware continue to top the list of cyberattacks.
Almost half (44 per cent) of APAC (excluding Japan) respondents who participated in the IDC Security Services Global Incident Readiness Survey indicated the willingness to pay the ransom in hopes of retrieving affected files, either internally or through insurance payout.
While the list of countries included in the survey is not exhaustive, APAC countries Australia and Singapore top the group that is more willing to pay a ransom, with 60 per cent and 49 per cent of organizations in the respective countries indicating they will be paying the ransom during an attack.
Ransomware attacks significantly hinder operations as files are being encrypted, compromising the availability of critical resources required to carry out daily business processes. This is a key factor that forces the hands of victim organizations especially when no incident management or contingency plans are made. The choices are limited, either to rebuild affected parts of the infrastructure, which usually results in prolonged disruptions, or pay the ransom in hopes of receiving the decryption keys to restore files promptly.
APEJ legislations around ransomware payment are fuzzy at best. While most regulators in the region discourage the payment of ransom during an attack, there are no laws particularly restricting the transaction. In a separate study IDC Future Enterprise Resiliency Survey, 49.4 per cent of APEJ organizations that encountered a ransomware incident chose to pay the ransom, 82.4 per cent of those who paid managed to retrieve a working decryption key, meaning almost 20 per cent paid the ransom but got nothing in return.
“Even though a ransom payment may resolve the particular incident at the point in time, the actual benefits to the organization’s security posture is marginal. IDC believes that a structured investment in enhancing the infrastructure’s cyber resiliency and incident management will reap a more tangible benefit as compared to paying a ransom,” says Jeff Xie senior market analyst, for Trust, Security and Blockchain research at IDC Asia/Pacific.
IDC believes that the rise of cyber insurance products in the APEJ region also contributes to the willingness to pay during a ransomware attack.
Since the financial liability of the payment is balanced out by the insurance payout, coupled with the potential resolution of disrupted activities with minimal resources, one can understand why the sentiment to resolve a cyberattack of this nature via the requested payment is preferred over the traditional approach.
Tags: IDCRansomware