- Hiscox study reveals that most companies that pay ransoms do not recover their entire data
- Victims also suffer damage to their reputation
- Many businesses report losing customers and business partners
With ransomware attacks becoming more common, a company’s response can be crucial to recovering and mitigating the damage of the attack.
A new study from Hiscox has revealed a good reason not to pay attackers: in the vast majority of cases, even when a ransom is paid, companies do not get their information back.
The company found that only 7% of businesses had all of their data recovered – and in fact, 1 in 10 businesses that paid the ransom still had their data leaked.
Reputations to be ransomed
Besides the obvious consequences of financial losses and stress for those involved, ransom attacks also affect the reputation of the companies that fall victim to them.
The study found that among those who experienced a ransomware attack in the past 12 months, 47% reported more difficulty attracting new customers and 43% lost customers.
“Hackers are holding their reputations to ransom – and no business is too small to be at risk,” said Alana Muir, head of cyber at Hiscox UK.
Most businesses are also concerned, with 61% believing that reputational damage from a cyberattack would “significantly harm” their business.
In 2024, the survey found that more than a third (38%) of businesses that suffered a cyberattack also suffered bad publicity, damaging their brand reputation, and 21% also lost business partners, demonstrating how damaging the attacks can be, even beyond. the attack itself.
This news comes shortly after the UK government opened a consultation to consider banning the payment of ransoms by public institutions in the event of a ransomware attack, in a bid to make critical infrastructure a less attractive target and disrupt criminals’ sources of income.
