Ransomware remains one of the most important security threats in the technology sector, and it is also one of those that most affects companies and professionals. Its impact can be enormous, because, as many of our readers will know, this type of malware can end up hijacking the information and files of all the computers it infects, making them unrecoverable if a ransom is not paid for themand leaving the systems completely useless.
Triple damage is dealt. On the one hand we have the one that derives from the inactivity time to which the equipment is subjected and the risk of loss of important data and files, on the other hand we have the damage that means having to pay a ransom that can have a huge cost, and finally there is the damage to the company’s image caused by this type of attack. Put all of this together, it’s easy to understand why ransomware has become one of the biggest fears for any business.
However, something very interesting is happening. According to a study published by Chainalysis, revenue from ransomware they fell in 2022 from 765.6 million dollars to 456.8 million dollars. This represents a drop of 40.3% year over year. We might think that this is because the number of attacks has dropped, but nothing is further from the truth, the number of attacks continues to be impressive, and this leads us to a very clear conclusion: victims are less and less willing to pay the ransom demanded by cybercriminals.
That same study confirms that in 2019, 76% of the victims of a ransomware attack were willing to pay the ransom, but in 2022 the figure fell to 41%. This has an explanation that, however, goes beyond simple rebellion or rejection of the attacker, and lies in the fact that paying a ransom will not guarantee the recovery of the hijacked data and files. In many cases, the ransomware is not really capable of allowing such a recovery, or it is made in such a “sloppy” way that the solution we buy does not work.
On the other hand, the perception of ransomware is no longer the same as a few years ago, it is a type of malware that, for better or worse, has become normal, and suffering an infection of this type no longer has the same impact on the image from a company that a few years ago. Obviously its consequences are still disastrous if we do not have a backup of data and files, but this is also an issue in which companies are getting better and better.