Study uncovers unexpected losses following ransomware attack

A poll among security professionals suggests that a large proportion of firms that have chosen to pay ransom demands go on to suffer a second attack – often at the hands of the same threat actor. In the UK, 84% of organisations that paid a ransom demand were hit again, with 61% reporting significant loss of revenue, according to the poll conducted by Cybereason.

The security firm polled 1,300 security professionals globally, and found that more than half had fallen victim to a ransomware attack. The research also revealed that of the 300 organisations polled in the UK who opted to pay a ransom demand to regain access to their encrypted systems, 43% reported that some or all of the data was corrupted during the recovery process – which Cybereason says underscores why it does not pay to pay ransomware attackers.

“Ransomware attacks are a major concern for organisations across the globe, often causing massive business disruptions including the loss of income and valuable human resources as a direct result. In the case of the recent Colonial Pipeline ransomware attack, disruptions were felt up and down the East Coast of the United States and negatively impacted other businesses who are dependent on Colonial’s operations,” said Cybereason CEO, Lior Div.

“Paying a ransom demand does not guarantee a successful recovery, does not prevent the attackers from hitting the victim organisation again, and in the end only exacerbates the problem by encouraging more attacks. Getting in front of the threat by adopting a prevention-first strategy for early detection will allow organisations to stop disruptive ransomware before they can hurt the business.”


The ransomware effect: UK-specific findings (Source: Cybereason)

• Loss of business: 47% of organisations reported significant loss of business following a ransomware attack. Of these, 61% admitted to losing revenue.

• Ransom demands increasing: 51% of businesses that paid a ransom demand shelled out between £250,000 and £1m, while 4% paid ransoms exceeding £1m.

• Brand and reputation damage: 63% of organisations that admitted to losing business indicated their brand and reputation were damaged as a result of a successful attack.

• C-level talent loss: 45% of organisations that admitted to losing business reported losing C-level talent as a direct result of ransomware attacks.

• Employee layoffs: 31% of those who admitted to losing business reported being forced to lay off employees due to financial pressures following a ransomware attack.

• Business closures: 34% of organisations that admitted to losing business reported that a ransomware attack forced the business to close down operations entirely.


Table shows percentage of respondents to Cybereason's survey reporting layoffs following a ransomware attack.
