90% of UAE organisations that suffered ransomware attack and paid ransom were hit a second time

90% of UAE organisations that suffered ransomware attack and paid ransom were hit a second time

Cybereason has revealed how 90% of organisations in the UAE that suffered a ransomware attack and paid the ransom, were then hit again.

The data showed that 35% of these paid the second ransom, and a further 5% were targeted and paid a third time. The results were revealed within the second annual ransomware study by Cybereason. The study comes during a year of unprecedented attacks as the security industry strives to better understand the true impact on businesses. The global study revealed that 77% of UAE organisations suffered at least one ransomware attack over the past 24 months.

The study proved the ethos that ‘it doesn’t pay to pay’, meaning paying a ransom demand won’t protect an organisation from being targeted again. 90% of UAE organisations that paid were hit by ransomware a second time, with 83% saying the second attack came in less than a month and 78% reporting that threat actors demanded a higher ransom amount.

The report, titled ‘Ransomware: The True Cost to Business Study 2022’, further revealed that of the UAE organisations who opted to pay a ransom demand in order to regain access to their encrypted systems, 45% reported that some or all of the data was corrupted during the recovery process. These findings underscore why it does not pay to pay ransomware attackers, and that organisations should focus on detection and prevention strategies to end ransomware attacks at the earliest stages before critical systems and data are put in jeopardy.

Discussing the data, Cybereason CEO and Co-founder Lior Div said: “Ransomware attacks are traumatic events, and when ransomware gangs attack a second, third or fourth time in a matter of weeks, it can bring an organization to its collective knees. Deploying effective anti-ransomware solutions is easier said than done, and the hackers know it.

“After being hit the first time by a ransomware attack, organisations need time to assess their security posture, determine what are the right tools to deploy, and then find the budget to pay for it. The ransomware gangs know this and it is the biggest reason they strike again quickly.”

The full report can be found here: Ransomware: The True Cost to Business Study 2022