Study reveals 82% of organisations choose to pay ransomware demands

A study by security firm ‘Proofpoint’ has revealed that 82 per cent of UK organisations whose systems were infected by ransomware in 2021 opted to pay the ransom.

Despite cybersecurity and government agencies warning against paying, Proofpoint’s ‘2022 State of the Phish’ report states that this UK figure for 2021 is the highest in any region surveyed and is 40 per cent higher than the global average.

Phishing Attacks & Ransomware 

Phishing attacks are one of the main ways that criminals deliver ransomware (and other malware) or direct victims to a site where they download the ramsomware that allows criminals to access their networks. Proofpoint’s report showed that more than three-quarters of organisations (78 per cent) saw email-based ransomware attacks in 2021 and 91 per cent of UK organisations reported facing bulk phishing attacks in 2021. In fact, In the first three quarters of 2021, 15 million phishing messages with malware payloads were linked to later stage ransomware. For example, these malware families included Dridex, The Trick, Emotet, Qbot, and Bazaloader.

Why Not Pay? 

The National Cyber Security Centre (NCSC) states that “even if you pay the ransom, there is no guarantee that you will get access to your computer, or your files” and that “occasionally malware is presented as ransomware, but after the ransom is paid the files are not decrypted. This is known as wiper malware.” 

Also, organisations that pay the ransom will still have infected computers, will be paying criminal groups allowing them to continue and bring suffering to others, and it makes organisations that are known to pay to be more likely to be targeted in the future.

What Does The Survey Say Happened To Those Who Paid? 

As the Proofpoint study showed, 60 per cent of organisations chose to at least negotiate with the attackers, and 82 per cent paid.  However, despite advice against paying, only 4 per cent of those organisations who paid a ransom were unable to retrieve their data. This is likely to be either because the key didn’t work properly, or the attackers had simply made off with the money.

Is No Backup A Reason To Pay The Ransom? 

It would seem logical that a lack of an effective back up may be a reason why organisations would pay a ransom. A report by cyber security company Emsisoft (2020), however, showed that some victims of attacks have been capable of restoring their networks from backups but have still opted to pay the ransom.

It should also be noted that one tactic that ransomware attackers often use is to threaten to publish an organisation’s data if the ransom isn’t paid.

Protecting Your Business From Ransomware Attacks 

Ways in which businesses can protect themselves from falling victim to ransomware attacks include:

Educating staff about the risk of phishing emails and emails carrying malware, how to spot phishing/suspicious emails, and to never open emails that appear suspicious. Make regular backups of the most important files, keep them off-site (e.g., the cloud) and make multiple copies of files using different backup solutions. Make sure that the devices containing the backup are not permanently connected to the network, scan backups for malware before files are restored, and regularly patch products used for backup. Stop malicious content reaching company devices – e.g. by filtering to only allow file types you would expect to receive, blocking websites known to be malicious, actively inspecting content, and using signatures to block known malicious code. Prevent attacks via Remote Desktop Protocol (RDP), or unpatched remote access devices by disabling RDP if it’s not needed, enabling MFA at all remote access points into the network, using a VPN, and patching known vulnerabilities in all remote access and external-facing devices. Prevent malware running on devices – e.g. by centrally managing devices to only allow trusted apps and disabling or constraining scripting environments and macros. Plug vulnerabilities in devices – e.g. by installing security updates as soon they are available and enabling automatic updates for operating systems, applications and firmware.

What Does This Mean For Your Business?

Making sure there are strong security measures in place (particularly where email is concerned) and checking data is definitely being backed up securely on a regular basis (and that it is accessible when needed) can help towards effective ransomware protection. Attackers can pressurise businesses into paying (e.g. by threatening to destroy and/or publish data), and an attack may simply come at a bad time for a business where a long disruption could seem less costly than paying.

The fact is, however, that paying may not guarantee the return of data and may make a business more likely to be attacked again because they paid. Ultimately, businesses will, as the stats show, make their own decisions, but by their very nature, attackers can’t be trusted, and paying now could lead to even bigger problems later, and will fuel the continuing cycle of attacks for others too.

About J700 Group Limited

J700 Group are a Lancashire-based, family-run, professional, and responsive, Managed Solutions Provider helping Businesses, the Education Sector, and the Healthcare Sector to utilise Innovative IT Consultancy Services, Cloud Solutions, Cyber Security, Microsoft 365, Telecoms, Web Design and SEO solutions to propel their organisation to the next level and beyond.

As an experienced IT Support Provider, helping businesses across Lancashire & Manchester, if you need any assistance with your IT including IT Hardware, a Disaster Recovery Policy or Managed Backup Solutions; Call us today: 0333 7721 700  to see how we can help your business.

Where to find us: Prinny Mill Business Centre, 68 Blackburn Road, Haslingden, Lancashire, BB4 5HL

Enjoyed this? Read more from J700 Group Limited

Latest news

1

Chiptech announces major innovation initiative at high-profile reception with the New Zealand Prime Minister in London. The Rt Hon Jonathan Reynolds, the Rt Hon Christopher Luxon and the Rt Hon Steve Reed (L-R Front Row) David Hammond, and Daniel Knowles

Chiptech announces major innovation initiative at high-profile reception with the New Zealand Prime Minister in London.

30 Apr 2025

2

Northstone secures full planning permission for 50 new homes in Edenfield Edenfield housing development

Northstone secures full planning permission for 50 new homes in Edenfield

29 Apr 2025

3

Ring Stones Maintenance and Construction celebrates completion of Dovestone Gardens Dovestone Gardens launch

Ring Stones Maintenance and Construction celebrates completion of Dovestone Gardens

29 Apr 2025

4

PHX Training welcomes new business leader to drive learner success Louise Kirby

PHX Training welcomes new business leader to drive learner success

29 Apr 2025

5

Lidl to invest half a billion pounds in its expansion as it eyes sites in Lancashire Lidl

Lidl to invest half a billion pounds in its expansion as it eyes sites in Lancashire

29 Apr 2025

Pc Prestonmacan Gif980x120 March
Background image for hub sign up block

LBV Hub

Leverage Lancashire Business View platforms

Post your news
Post your events
Post your offers
Build your network
Improve your SEO
Gain coverage in the magazine
Sign-up
Events
LBV122 May/June Launch Event
121 Lancashire Business View Magazine Launch
Networking
21 May 2025

LBV122 May/June Launch Event

Lancaster and Morecambe College, Lancaster, LA1 2TY

08:30 - 10:30

Sub36 Networking
Networking
11 Jun 2025

Sub36 Networking

British Jewellery School, Scorton, PR3 1BA

15:00 - 17:00

Lancashire Net Zero Carbon Conference
Net Zero Carbon Social 1200px 2
Networking
18 Jun 2025

Lancashire Net Zero Carbon Conference

Crow Wood Hotel & Spa Resort, Burnley, BB12 0RT

08:30 - 13:00

Lancashire Built Environment Conference 2025
BEC 315 X 315 Px
Networking
25 Sep 2025

Lancashire Built Environment Conference 2025

Blackpool Football Club, Blackpool, FY1 6HX

08:30 - 13:00

CMI Level 5 Management and Leadership Course
UCLanAerialCampus.jpg.jpg
LBV Hub Seminars
21 Feb 2025 - 21 Feb 2026

CMI Level 5 Management and Leadership Course

Preston Campus, Preston , PR1 2HE

09:00 - 17:00

CMI Level 5 Project Management Course
UCLanAerialCampus.jpg.jpg
LBV Hub Seminars
21 Feb 2025 - 21 Feb 2026

CMI Level 5 Project Management Course

Preston Campus, Preston, PR1 2HE

08:00 - 17:00

RISE - The Academy for Female Leaders and Managers
WENDY BOWERS RISE Illustrstion copy.jpg.jpg
LBV Hub Seminars
02 Apr 2025 - 08 Oct 2025

RISE - The Academy for Female Leaders and Managers

East Lancashire Chamber of Commerce, Clayton le Moors, BB5 5JR

09:00 - 15:30

Planning for the future + navigating Inheritance Tax changes
Planning for the future + navigating Inheritance Tax changes for website.png.png
LBV Hub Seminars
01 May 2025 - 01 May 2025

Planning for the future + navigating Inheritance Tax changes

Stanley House Hotel, Mellor, Blackburn, BB2 7NP, Blackburn, BB2 7NP

08:00 - 10:30

Advantage: AI – A Workshop for Business Leaders – May 2
EV-land-2025-05B.png.png
LBV Hub Seminars
02 May 2025 - 02 May 2025

Advantage: AI – A Workshop for Business Leaders – May 2

Door4 Office, Burnley Wharf, Manchester Road, Burnley, BB11 1JG

09:00 - 11:00

A night at the races
1.png.png
LBV Hub Dinners / Balls
02 May 2025 - 02 May 2025

A night at the races

Morecambe FC, Morecambe, LA4 4TB

19:00 - 23:59

Innovating business solutions through PhD Partnerships
30478 Skills Bootcamp open day setting.jpg.jpg
LBV Hub Networking
07 May 2025 - 07 May 2025

Innovating business solutions through PhD Partnerships

University of Central Lancashire, Preston , PR1 2HE

14:30 - 15:30

Celebrating 50 years of KTP
UCLanAerialCampus.jpg.jpg
LBV Hub Networking
07 May 2025 - 07 May 2025

Celebrating 50 years of KTP

University of Central Lancashire , Preston, PR1 2HE

16:00 - 18:00

Advertise with us

Reaching 50,000 members, our print, digital and event platforms offer a fantastic way to raise your business profile and help you grow.

Find out more Lbv121 Online Graphic
Subscribe now

Weekly news bulletin