Over half of UK companies pay ransomware attacks in full - research
Organisations with greater complexity in cloud infrastructure more likely to pay off hackers, according to new research
Over half of UK companies have paid a ransomware attack in full, making it the second most likely country to pay hacker demands, according to new research from Veritas Technologies.
The vendor's 2020 Ransomware Resiliency Report surveyed nearly 2,700 IT executives across the globe and found that the UK's problem is exacerbated by companies having more complex cloud infrastructure and having their budgets cut as a result of the pandemic.
UK organisations' use of complex cloud environments hampers its ability to defend against ransomware attacks, the report also found. UK businesses use the highest number of cloud services globally, with 35 per cent using more than 20 cloud services in comparison to the global average of 16 per cent.
British companies also lag behind in their recovery time from a ransomware attack, with just seven per cent of UK companies able to recover from such an attack in under a day, compared to the global average of 30 per cent. For over a third of British companies, it would take between 10 days and a month to fully recover from a ransomware attack, according to the data.
"Complexity in multi-cloud environments is severely hampering the UK's ability to cope with ransomware attacks," stated Ian Wood, senior director and head of technology UK&I at Veritas Technologies.
"The only saving grace for UK businesses is that 71 per cent have never experienced a ransomware attack, compared to the 58 per cent global average. However, ransomware attacks are a matter of when, not if.
"The research shows a clear need for UK businesses to simplify their cloud infrastructure, invest in IT security and ensure the right data protection solutions are in place, otherwise they could be facing a costly and damaging attack."
Elsewhere in the report, only 36 per cent of respondents believe that their security has kept pace with the complexity of their infrastructure. Their top concern about this complexity was an increased risk of external attack.
Just under 50 per cent of respondents said they had increased their security budgets since the start of the pandemic. Veritas noted that there was a "correlation" between those companies that increased their IT investment and their ability to recover data in the wake of an attack. Just under half of those who increased their budget were able to restore 90 per cent or more of their data, the report stated.
"We've heard from our customers that, as part of their response to COVID, they rapidly accelerated their journey to the cloud," stated Wood.
"Organisations turned to cloud deployments as they needed to enable homeworking across a wider portfolio of applications than ever before with limited access to their on-premise IT infrastructure.
"However, this increasingly complex multi-cloud infrastructure provides hackers with more opportunities to strike. Businesses need to deploy data protection solutions to secure these cloud environments, but many are lagging behind. Our research shows that some businesses are investing to close that resiliency gap - but unless this is done as a priority, companies will remain vulnerable."