"Firms Who Pay Ransom Subsidise 10 New Attacks: Report"

During a new study, security researchers at Trend Micro found that just 10% of ransomware victims pay their extorters, but those who do are effectively funding 6-10 new attacks.  The researchers noted that those who did decide to pay the ransom usually did so quickly to avoid severe disruption to their infrastructure and services.  Over half of the victims who paid the ransom paid the threat actors within 20 days.  The researchers stated that given the low number of victims who pay, threat actors are generally forced to demand more money per compromise.  The researchers indicated that it is essential to remember that paying the ransom only drives up the overall incident cost for victims.  During the study, the researchers also found that over the past two years, ransomware monetization activities have been lowest in January and from July to August.  The researchers noted that these times are potentially the best periods for network defenders to rebuild infrastructure or take vacations.

Infosecurity reports: "Firms Who Pay Ransom Subsidise 10 New Attacks: Report"