Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
IBM Security Businesses Privacy Software The Almighty Buck United States Technology

Most Businesses Pay Ransomware Demands, IBM Finds (eweek.com) 69

According to an IBM Security report released on December 14, 70 percent of businesses impacted by ransomware end up paying the attackers. The amount varies but a majority of business respondents said they paid tens of thousands of dollars. eWeek reports: The 23-page IBM Security study surveyed 600 business leaders and 1,021 consumers in the U.S. 46 percent of business respondents reported that they had experienced ransomware in their organizations. Of the 46 percent that have been impacted by ransomware, 70 percent admitted that their organization paid the ransom. The amount paid to ransomware attackers varies, but of those business respondents that paid a ransom, 20 percent paid over $40,000, 25 percent paid between $20,000 and $40,000 and 11 percent paid between $10,00 to $20,000. On the consumer side, IBM's study found that the propensity to pay a ransom varies depending on whether or not the victim is a parent. 55 percent of consumers that identified themselves as being parents said they would pay a ransom to recover access to photos that had been encrypted, versus only 39 percent for consumers that don't have children. In an effort to help organizations respond quickly to ransomware threats, IBM's Resilient Incident Response Platform (IRP) is being enhanced with a new Dynamic Playbook for ransomware. Ted Julian, Vice President of Product Management and Co-Founder at Resilient, an IBM Company, explained that the basic idea behind the Dynamic Playbooks is to help provide organizations with an automated workflow or 'playbook' for how to deal with a particular security incident.
This discussion has been archived. No new comments can be posted.

Most Businesses Pay Ransomware Demands, IBM Finds

Comments Filter:
  • by Anonymous Coward on Wednesday December 14, 2016 @07:08PM (#53487127)

    Most companies dont have a backup regimen.

    • Comment removed (Score:5, Interesting)

      by account_deleted ( 4530225 ) on Wednesday December 14, 2016 @07:32PM (#53487207)
      Comment removed based on user account deletion
      • by Tablizer ( 95088 )

        Also, they paperweighted the vast majority of their servers with McAfee's product turned up to "insanely secure"

        Oh, that's so annoying. Can make the systems run so slow that it's effective in thwarting the bad guys by making them fall asleep waiting for servers to respond. "Snorecurity". It's almost comparable to powering everything off. They won't hack a server with no power.

        Security: A, Productivity: F

        Makes me almost miss the good ol' days with VAX's, 2400 baud modems, and Commodore 64's. Wimpy hardware,

        • Oh, that's so annoying. Can make the systems run so slow that it's effective in thwarting the bad guys by making them fall asleep

          1995 called. They want their your out-of-date stereotypes about security software back.

          • by Tablizer ( 95088 )

            We must be running 1995 McAfee then.

          • What kind of ignorant recluse thinks security software has been solved for 20 years? The kind who condescendingly uses a tired "year XXXX called" put-down.

            Most of the businesses I'm familiar with struggle to this day with performance issues related to security software. You might notice that security breaches are commonplace despite all the wasted CPU cycles and read/writes. I honestly can't fathom why you'd be so dismissive of an issue that is costing many many millions of dollars in wasted power consumpt
      • by sad_ ( 7868 )

        They have McAfee, now they are secure for ever!

    • Re: (Score:3, Insightful)

      by donaldm ( 919619 )

      Most companies dont have a backup regimen.

      It would be more appropriate to say "Most companies don't have a disaster recovery plan" and/or don't test it out which is actually the most important part of a disaster recovery plan.

      The problem with paying extortion [wikipedia.org] demands and ransomeware demands are extortion, only encourages these criminals to go after more lucrative targets with more sophisticated attack methods especially when their targets are willing to pay and pass on their incompetent loss of money to their customers or shareholders.

      • extortion, only encourages these criminals to go after more lucrative targets

        That is not necessarily a bad thing. Many security breaches result in spam botnets or customer data leaks, that harm people not that were not responsible. The nice thing about ransomware is that the cost of bad security lands directly in the lap of the people that can actually do something about it.

    • ...don't have a backup regimen, and use Microsoft Operating Systems.

      Perfect storm.

      • by Kiuas ( 1084567 ) on Thursday December 15, 2016 @03:52AM (#53488503)

        don't have a backup regimen, and use Microsoft Operating Systems.

        This actually is exactly what happened to a friend recently. They're running a lot of Linux servers, but as they were doing some sort of changes they were temporarily moving data from the linux machines to windows environment which got ransomwared and they got screwed. They have backups, but they're not up to date.

        To my knowledge they have no intention of paying the ransom.

        This is a perfect example of management having their heads up their asses. It's not that they don't have competent people who'd be more than willing to improve backups and general security (in fact the friend in question working as a systems analyst has been whining ever since he joined the company that their security is way too lax), it's that the upper management does not seem to care because they do not perceive the risks involved correctly.

        As someone from a management background education-wise I believe this is incredibly incompetent leadership. The whole reason companies hire experts is (or should be) that you listen to the feedback of said experts. If the guy most in-tune with your systems is telling you for a couple years that you're essentially begging to get screwed over, ignoring his warnings and prioritizing cutting costs is something that should get you fired. Unfortunately this is a case where the manager in question has known the founder of the company for who knows how long, so he pretty much has a permanent position due to nepotism, and right now it's costing them a lot of money, customers and also competent people (my friend is currently looking for new job, and I can't blame him).

        • "This is a perfect example of management having their heads up their asses."

          Yes, it probably is.

          "As someone from a management background education-wise I believe this is incredibly incompetent leadership"

          Humm... but not so sure about that.

          On one hand, from a purely business PoV, maybe having their proverbial IT asses wide open has been a net positive given what they have saved all this time in both direct and indirect costs and also costs of opportunity. What if I lose 100000$ to a hacker if all this time

          • by Kiuas ( 1084567 )

            What if I lose 100000$ to a hacker if all this time I haven't been hacked I save 1M$?
            - -
            what do they say? a buck today is worth more than a hundred tomorrow, or something?

            They do indeed say that, but it is not exactly as straightforward. It can be argued that the raw up-front cost of securing the system is more expensive than the work you have to do to recreate lost data, though certainly this is not always the case.
            But the problem is that this hypothetical damage to the company from such a hack is really

            • "If they would come up with solid math taking into consideration the projected indirect effects on future sales and brand, then maybe I'd give them a pass."

              I, of course, see your point, but playing devil's advocate, see what you do: you ask for a financial analysis (that you yourself accepted to be very difficult to do, if not impossible) on a non-expenditure while you don't ask for it on an expenditure. Does it even make sense?

              I mean, you didn't ask for an investment analysis on security (adding controls,

  • by SensitiveMale ( 155605 ) on Wednesday December 14, 2016 @07:13PM (#53487139)

    with ransomware is if you pay the ransom, they unlock your data.

    It seems weird to say it is a business, but as long as the criminals don't screw over the victims, the victims know they can pay and not lose anything.

    • by PRMan ( 959735 )
      Better customer service than Comcast or AT&T.
    • by Tablizer ( 95088 )

      The one "good" thing about the hijackers with ransomware is if you pay the ransom, they unlock your data.

      I saw nothing in TFA that indicated the success rate of recovery for those who pay.

    • by tlhIngan ( 30335 )

      It seems weird to say it is a business, but as long as the criminals don't screw over the victims, the victims know they can pay and not lose anything.

      Actually, it's one where failure collapses the entire business model. Because right now the criminals are offering LOTS of support - they know the people may not know what bitcoin is so they will walk people through how to getting the payment down on the phone, even offering discounts and such.

      Because they know the only way people will pay is if they trust th

  • by Anonymous Coward on Wednesday December 14, 2016 @07:15PM (#53487145)

    But then I realized that I could have just downloaded the same porn again for free. I asked for my money back and the ransomers said no.

    • by Tablizer ( 95088 )

      But the models get uglier every day unless you pay. (Hmmm, a marriage simulator?)

  • It (Score:3, Interesting)

    by Shepanator ( 4796689 ) on Wednesday December 14, 2016 @07:32PM (#53487215)
    I have a close friend who works for a large law firm, they were hit with ransomware for a few million dollars. From a business sense, they had no choice but to pay it. The ransomers were threatening to release all of their clients' data, so the executives all got together and paid it amongst themselves, hushing up the whole thing in the process. If they didn't pay, their business would have been over, even if they didn't face litigation from (ex) clients they would have all left in droves. The next month the company's IT budget had quadrupled, so there's a happy ending.
    • by donaldm ( 919619 )

      The ransomers were threatening to release all of their clients' data, so the executives all got together and paid it amongst themselves, hushing up the whole thing in the process.

      So here we have lawyers getting together and contributing out of their own pocket to pay the ransomers rather than taking the money out of company funds. In the eyes of the average person this could be considered commendable however in lawyer speak this is Collusion [wikipedia.org] and is a criminal offence.

      The next month the company's IT budget had quadrupled, so there's a happy ending.

      So in this case, two wrongs made a right although you do have to ask if the IT department was doing its job properly in the first place since one of the first things any competent IT manager should do (besides findi

      • by Anonymous Coward

        One could suppose that the ransoming was carried out by the IT department with the end goal of having their budget increased. Where money exploitations are concerned though, conspiracy theories abound.

        • The problem is if they didn't engage in "Collusion", the real world damage would have been far worse. This is why I really despise the so called justice system. A bunch of DORKS who sit in their ivory towers dreaming up more and more laws and fuck who they hurt or what kind of situations can arise which can unfairy entrap an otherwise law abiding citizen into either commiting a felony or have something far worse happen to them. (I am not saying that the lawyers did the right thing, but they had a choice
      • The problem is if they didn't engage in "Collusion", the real world damage world damage have been far worse. This is why I really despise the so called justice system. A bunch of DORKS who sit in their ivory towers dreaming up more and more laws and fuck who they hurt or what kind of situations can arise which can unfairy entrap an otherwise law abiding citizen into either commiting a felony or have something far worse happen to them. (I am not saying that the lawyers did the right thing, but they had a
    • by Agripa ( 139780 )

      The next month the company's IT budget had quadrupled, so there's a happy ending.

      Was the quadrupled IT budget used to pay back the executives? Wouldn't ransomwear expenses be part of the IT budget anyway?

  • by sootman ( 158191 ) on Wednesday December 14, 2016 @08:12PM (#53487349) Homepage Journal

    > In an effort to help organizations respond quickly to
    > ransomware threats, IBM's Resilient Incident
    > Response Platform (IRP) is being enhanced with a
    > new Dynamic Playbook for ransomware.

    Here's my playbook:
    Step 1: Have backups.
    Step 2: Set up backups so they don't blindly overwrite good old data with newly-encrypted data.

  • by Anonymous Coward

    We got infected once on a computer in the IT support department. So the user had had a bit more access that the regular user which ment that more files got encrypted.
    People with full administrative access however, are not given that through their regular user account.
    But we were running snapshots every hour on all drives so we decided to roll back to before the infection. The whole problem were resolved fairly quickly in a few hours.

    We discovered the problem before finding the user so we put all shares offl

  • by Anonymous Coward

    ... you never get rid of the Dane.

    Rudyard Kipling, referring to the warrior/terrorist-Danes of a millennium or so ago, not the Danes of the early-20th century.

  • "That's a real nice database you have there. It would be ashame if something were to happen to it......"
  • I wonder if those companies factor that into their total cost of running Windows.

    Business: "So, Windows licensing for our organization is $25,000 this year. Our Windows liability extortion costs due to Windows insecurity are $40,000 this year, and an extra $15,000 a year for security software that pretends to plug Windows' massive blunders."

    Microsoft: "So, can we tell the press that your total cost of ownership for Windows is twenty dollars?"

    Business: "WTF?!"

    Microsoft: "Here's a cool twenty dollar bill if

  • ..in other news, Watson has been retasked to find the *best* places to deposit ransom ware.

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...