‘Law enforcement slows down ransomware recovery’ say 45 percent of security professionals

Study reveals why companies don’t inform law enforcement about ransomware infections and how insurance pay outs could be fuelling more attacks.

Posted Friday, 27th August 2021 by Phil Alsop

A new study into ransomware from managed security service provider, Talion, has revealed that 70 percent of cyber security professionals believe that cyber insurance pay outs to ransomware victims are exacerbating the problem and fuelling more attacks.

The survey was conducted in response to the recent wave of ransomware attacks crippling organisations across the globe, with new data from International Data Corporation (IDC) revealing that more than one-third of organisations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months.

The study also supports the recent launch of #RansomAware, a new campaign which encourages organisations to openly talk about the ransomware attacks they have suffered, so the industry can pool intelligence and collaborate to make defences more effective.

The survey also asked respondents why so few companies report ransomware infections to law enforcement. One in ten security professionals believe companies don’t know how to, 45 percent said they believe businesses think law enforcement slows things down when they just want to get back online as quickly as possible, and 37 percent said it is because companies have chosen to pay the ransom and don’t want to get into trouble.

“Our study highlights that many organisations are concerned about reporting ransomware attacks to law enforcement out of fear it could have further negative repercussions. All victims want to get back to business-as-usual as quickly as possible, however, it can be a complicated landscape to navigate. Should you pay the ransom? If so, is it lawful? Organisations should be mindful that it is unlawful to make a payment to a terrorist organisation or prescribed groups in breach of international sanctions. What is required is a clear legal framework that allows organisations to make the best, lawful, decisions when they are in this high stress situation. Law enforcement needs to find a way to work with commercial organisations so that they are viewed as a source of expertise and support, not a further obstacle to overcome,” said Mike Brown, CEO of Talion.

“In terms of insurance pay outs, it is not surprising so many security professionals see them as fuelling the ransomware industry, as they certainly cushion the blow of attacks. However, pay outs are not guaranteed and insurers are getting stricter every day. The best option is therefore to prepare for attacks and rehearse your strategy so when your organisation gets hit in real life, losses are kept to a minimum,” continued Brown.

As part of the #RansomAware campaign, Talion has formed a coalition of cyber security experts, businesses, academia, and government to promote collaboration and information sharing. The coalition is formed of 21 members, including Talion, BAE Systems, RISCS, 36 Commercial, Insight Enterprises, Inc., KnowBe4, UK Cyber Security Association, Comparitech, Siemplify, Eskenzi PR, IT Security Guru, Outpost24, Cydea, Devo Technology, Mishcon de Reya, Decipher Cyber, the Cyber Security Global Alliance, Syntx, Custodian360, Get Safe Online and Integrated Cyber.