Group-IB: 77.4% of Russian entrepreneurs are not ready to pay a ransom for decrypting data

Group-IB: 77.4% Russian entrepreneurs ready pay ransom decrypting data

In early September, The Bell, together with Group-IB experts, conducted an online survey among Russian entrepreneurs on whether they faced cyber attacks, whether their networks are protected from ransomware, and whether businessmen understand well that even such a familiar thing as email can become an entry point for attackers

As a result, Group-IB experts found that 77.4% of Russian entrepreneurs are not ready to pay a ransom for decrypting data, while more than half of those surveyed (51.9%) admit that their company is “rather unprotected” from ransomware attacks.

According to the survey, 27.4% of Russian entrepreneurs have been subjected to cyberattacks over the past two years, while the majority (59.4%) claim that this problem has not been affected either – “they were lucky.” Another 13% do not know if there were such attacks at all, because this issue should be dealt with by IT specialists or the security service. More than half of the businessmen surveyed (50.9%) consider the ransomware threat to be a dangerous threat, and about the same (51.9%) are convinced that their company is “rather unprotected” from such attacks.

At the same time, 77.4% of the polled representatives of Russian small and medium-sized businesses are “completely unprepared to pay” cybercriminals to decrypt data if they were attacked by ransomware. Another 17.9% are ready to part with 5 million rubles, and 3.7% will transfer even 10 million rubles to cybercriminals in order to return valuable data. Only 1% of the respondents said they would not regret 100 million rubles for decrypting. At the same time, 33% of entrepreneurs said that stopping for just a few hours is already critical for their business, for another 30% it is critical that it is downtime for one day.

The researchers say that email remains one of the most popular primary vectors for targeted attacks, along with the compromise of publicly accessible terminal servers (RDP).

E-mail is a point of penetration into the network in 40-60% of cases, and 50% of respondents are aware of it. At the same time, the same number (50%) admitted that they do not use additional email protection technologies, limiting themselves to built-in capabilities. About 16% do not think at all that mail needs to be protected somehow.

“Despite the fact that the results of our study look rather optimistic, they showed a paradoxical thing: the majority of respondents know that they are not protected from attacks, they are aware of the danger of ransomware, but at the same time they do not try to effectively defend against them. So far I have not seen an e-mail that could not be “punch”. Underestimating this simple vector of penetration of the same ransomware is dangerous. The illusion of security is fueled by the fact that there is no high-profile news with huge ransoms, as in the West, in Russia. But it’s only a matter of time, ”Oleg Skulkin, deputy head of the Group-IB Computer Forensics Laboratory, summed up.

Catch up on more stories here

Follow us on Facebook here

Leave a Reply