Despite ransomware being around for many years, with several high profile organizations suffering the consequences of such an attack, 57% of respondents to a survey carried out by Carbon Black said that WannaCry was their first exposure to how ransomware works.
Ransomware attacks have thrust cyber security onto the global stage in unprecedented fashion, with two recent attacks - WannaCry and NotPetya - rapidly spreading across the world and locking down thousands of networks. Organizations and individuals are now beginning to give greater consideration to how they would react if they were exposed to an attack, or if an organization they dealt with was exposed.
The Ransom-Aware Report noted that, while it’s never a good thing when 150 countries are simultaneously affected by a cyber attack, the increased awareness will only serve to incite positive action. Ransomware is certainly nothing new, but consumers are increasingly turning to organizations with questions about how they are protecting sensitive data. Organizations, in turn, putting more effort into improving cyber security in order to protect their data and remain operational in the event of an attack.
For many consumers, losing trust in an organization could result in them taking their custom elsewhere. When presented with the statement: 'I would consider leaving my current financial institution / healthcare provider / retailer if my sensitive information was taken hostage by ransomware,' the study found that 72% of consumers said they would consider leaving their financial institution; 68% of consumers said they would consider leaving their healthcare provider; and 70% of consumers said they would consider leaving their retailer.
When respondents were asked if they would personally be willing to pay ransom money if their own computer and files were encrypted by ransomware, it was close to a dead heat with 52% of respondents saying they would pay and 48% saying they would not. Of the 52% who said they would pay: 12% said they would pay $500 or more, 29% said they would pay between $100 and $500, while 59% said they would pay less than $100 to get their data back.
The Business Continuity Institute's latest Cyber Resilience Report showed that two-thirds of organizations had experienced a cyber security incident during the previous year. With consumers giving a lot more attention to how organizations are responding to those incidents, it is essential that organizations have plans in place to respond effectively and prevent data being lost.