Study: UK firms most likely to pay ransomware hackers

Some 82% of British firms which have been victims of ransomware attacks paid the hackers in order to get back their data, a new report suggests.

The global average was 58%, making the UK the most likely country to pay cyber-criminals.

Security firm Proofpoint's research also found that more than three-quarters of UK businesses were affected by ransomware in 2021.

Phishing attacks remain the key way criminals access networks, it found.

Phishing happens when someone in a firm is lured into clicking on a link in an email that contains malware, which in turn can help cyber-criminals access company networks.

Ransomware attacks are so-called because the hackers encrypt vital data and demand a ransom in order to get the information decrypted.

Negotiating with cyber-criminals in this manner is discouraged by governments and industry, but that hasn't stopped some high-profile firms - including JBS Foods and Colonial Pipeline - paying up in order to get their systems working again.

Many organisations that have been victims of ransomware end up paying many times, according to the research.

Only half regained access to data and systems after the first payment, the research found, as criminals got greedy and demanded more money.

But only 4% of those who paid a ransom were unable to retrieve their data, either because the key was faulty or the criminals just walked away with the money.

The fact that phishing remains the favoured attack method for cyber-criminals means that firms need to build "a culture of security", said Proofpoint researchers.

"A staggering amount of UK businesses experienced a phishing attack in 2021 and 91% of those attacks were successful," said Adenike Cosgrove, cyber-security strategist at Proofpoint.

"This compounds the fact that the UK is facing threats from all angles," she added.

News that the UK is a ransomware hacker cash cow will be a blow to cyber-authorities here.

Tackling the scourge of ransomware has taken up a huge amount of time and resource for the likes of the National Cyber Security Centre, National Crime Agency and GCHQ.

As well as public education initiatives and regular warnings about ransomware, extensive work has gone on behind the scenes.

Hackers have been unmasked and deterred, and officers have been deployed to help dozens of victims recover from attacks.

It's not illegal to pay hackers ransoms, although some think it should be, and for years it's been enthusiastically discouraged by law enforcement agencies and cyber-security companies around the world, as it incentivises hackers to carry out further attacks.

So to hear that UK victims are the most likely to pay out will be demoralising for the country's cyber-authorities in what is a global fight against these criminal gangs.