Cybereason, the leader in future-ready attack protection, has released research findings from a global ransomware study of nearly 1,300 security professionals
In the United Arab Emirates (UAE), 37% of surveyed companies reported that they had bit hit by a ransomware attack in the last 24 months. A staggering 84% of these companies chose to pay the ransom but what is interesting is that of those, 90% suffered a second ransomware attack, often at the hands of the same threat actor group.
Lior Div, CEO and co-founder at Cybereason, commented, “Our survey findings underscore why, with the exception of cases where there is a threat to life, it does not pay to pay ransomware attackers. Paying a ransom demand does not guarantee a successful recovery, does not prevent the attackers from hitting the victim organisation again, and in the end only exacerbates the problem by encouraging more attacks. Getting in front of the threat by adopting a prevention-first strategy for early detection will allow organisations to stop disruptive ransomware before they can hurt the business.”
Key UAE findings include:
● Ransom Demands Increasing: 63% of businesses (28 percent higher than the global average) that paid a ransom demand shelled out between US$350,000 - US$1.4mn, while 10% paid ransoms exceeding US$1.4mn.
● Loss of Business Revenue: 63% of organisations reported lost business (19% higher than global average) as a result of the ransomware attack and 42% reported significant loss of revenue.
● Brand and Reputation Damage: 54% of organisations indicated that their brand and reputation were damaged as a result of a successful attack.
● C-Level Talent Loss: 50% of organisations (19% higher than global average) reported losing C-Level talent as a direct result of ransomware attacks.
● Employee Layoffs: In line with the global average, 29% reported being forced to layoff employees due to financial pressures following a ransomware attack.
● Business Closures: A startling 42% of organisations (16% higher than global average) reported that a ransomware attack forced the business to close down operations entirely.
“Ransomware attacks are a major concern for organisations in the UAE and across the globe, often causing massive business disruptions including the loss of income and valuable human resources as a direct result. If we look at the recent Colonial Pipeline ransomware attack as an example, disruptions were felt up and down the East Coast of the United States and negatively impacted other businesses who are dependent on Colonial’s operations,” added Lior.
Other key findings included in the full report reveal the extent to which losses to UAE businesses may be covered by cyber insurance, how prepared regional organisations are to address ransomware threats to the business with regard to adequate security policies and staffing.