Although security experts discourage ransomware victims from paying their cyberattackers, many are willing to do, according to a report by IBM Security. The report, "Ransomware: How Consumers and Businesses Value Their Data," surveyed 600 business executives and more than 1,000 consumers.
Almost half of all businesses have experienced ransomware attacks. When considering the size of an organization, 57 percent of medium-sized businesses have suffered a ransomware attack, compared to 29 percent of small businesses. Of those who had experienced a ransomware attack, 70 percent of executives said their company had paid the cyberattackers, half of whom paid over $10,000.
Business executives reported that the type of data encrypted by the virus would impact their willingness to pay; almost 60 percent of all executives said they would pay to recover data related to financial records, customer records, intellectual property and business plans. Depending on what data was attacked, more than 25 percent said they may be willing to pay between $20,000 and $50,000.