Is stockpiling bitcoins the best strategy against ransomware attacks?

In 2016, British businesses stockpiled digital currency, such as bitcoin, to use in case of ransomware attacks. According to Citrix, 35% of large UK organisations (those with more than 2,000 employees) were willing to pay more than £50,000 in order to recover encrypted files and regain access to their systems and networks.

Companies are stockpiling more cryptocurrency than ever

One year and many ransomware attacks later, with WannaCry topping the threat list, companies are now stockpiling cryptocurrency in larger quantities than before. On average, large UK companies are now ready to pay around £136,235 to recover their intellectual property and data, according to the latest Citrix report.

Generally speaking, the amount of money that small and large British organisations are ready to spend to recover from ransomware attacks has increased by 361% compared to last year.

Is collecting cryptocurrency a good strategy for dealing with ransomware attacks?

No. Stockpiling bitcoins is a strategy that companies think will help them survive a ransomware attack, a sort of insurance or safety net. But as a rule, you should never pay ransoms: by doing so, you are funding further criminal activities, and you are left without the assurance that you will be able to recover your data. Worse, by demonstrating that you are willing to pay, you effectively invite further attacks. There are better courses of action to help you prevent and recover from ransomware attacks:

  • Back up data – in case of attack, backups can save you lots of trouble. However trivial this step might seem, it’s one that the majority of British organisations skip – 55% fail to back up data on a daily basis.
  • Train your staff to detect ransomware, which usually enters your system through phishing emails. By training your staff to spot the bait, you can considerably lower its chances of spreading through your network. Interested? Take a look at our Phishing and Ransomware – Human Patch e-learning course.
  • Discover your vulnerabilities – with thorough scans and penetration tests, you can identify the weak points of your network and web applications that could be exploited by criminals to access your system. Interested? Take a look at our range of penetration tests.
  • Implement an ISO 27001-compliant ISMS (information security management system). Incorporating processes, people and technology, an ISMS helps you manage, monitor, audit and improve your organisation’s information security. Read more here >>