kraloz - Fotolia

UK firms stockpiling bitcoins for ransomware attacks

Large UK firms are prepared to pay out more than £136,000 on average to cyber criminals who launch ransomware attacks, a survey has revealed

The amount firms with 250 employees or more are willing to pay ransomware attackers is up nearly four times compared with a year ago, according to a survey of 500 IT decision makers by One Poll.

The survey, commissioned by secure connectivity firm Citrix, also shows that more than two-fifths are stockpiling bitcoins in case of a ransomware attack, compared with a third a year ago.

On average, UK firms are stockpiling bitcoin cryptocurrency worth around £46,000, while a third have bitcoins worth more than £50,000 on standby.

The survey also shows that smaller companies are more likely to keep a supply of cryptocurrency such as bitcoin on hand than larger businesses.

Half of the businesses with 250-500 employees polled said they were stockpiling digital currency, up from 36% of this group a year ago. In comparison, just a quarter of businesses with 1,000 or more employees are accumulating cryptocurrency, which is unchanged from 2016.

The decision to stockpile digital currency reflects a widespread attitude that paying a ransom may be necessary. Only 22% of businesses polled said they would be unwilling to pay anything if struck by a ransomware attack, down from 25% a year ago.

UK firms unprepared for ransomware attack

The 2016 research revealed that one-fifth (20%) of companies with 250-500 employees did not have any contingency measures in place in case of a ransomware attack, however this has fallen to just 7% in 2017.

While many businesses are preparing to block ransomware attacks or pay out if hit, others are missing out on simple cyber hygiene procedures which can limit the impact of a ransomware attack. For instance, over half of large UK firms (55%) still do not back up their data at least once a day.

“Cyber criminals are resorting to ransomware to exploit the vulnerabilities that exist within UK organisations,” said Chris Mayers, chief security architect at Citrix.

“Cyber criminals are resorting to ransomware to exploit the vulnerabilities that exist within UK organisations”
Chris Mayers, Citrix

This is no secret, with global attacks hitting the headlines, yet many businesses are still being caught out. Organisations must ensure they’re prepared for the reality of this threat and take action to safeguard the IT network for an attack and protect mission-critical data,” he warned.

Stockpiling a potential ransom may alleviate concerns about ensuring constant access to data, but Mayers said there was no guarantee that data would be returned once a ransom had been paid.

“Instead, committing to robust cyber security techniques and ensuring specific contingency measures are in place to deal with an attack can reduce the chances of falling prey to ransomware in the first place.”

Lack of security guidance from government

A quarter of IT decision makers do not feel the government is performing in terms of providing guidance to businesses on avoiding cyber attacks.

However, this represents an improvement on last year’s sentiments, with 32% expressing dissatisfaction with the government’s guidance on avoiding cyber attacks a year ago.

“These findings emphasise the importance of setting robust cyber standards and sticking to them,” said Mayers.

“While more companies are preparing to pay out, many still fail to back data up each day. Organisations should look at dedicated techniques, from encryption to virtualisation, to keep data and apps safe across all devices and desktops – and out of reach of today’s persistent cyber attackers,” he said.

Read more about ransomware

  • Businesses still get caught by ransomware, even though straightforward avoidance methods exist.
  • Criminals used devices compromised for click fraud as the first step in a chain of infections leading to ransomware attacks, said security firm Damballa.
  • The first half of 2014 saw an increase in online attacks that lock up user data and hold it to ransom.
  • The Cryptolocker ransomware caught many enterprises off guard, but there is a defence strategy that works.


Read more on Hackers and cybercrime prevention

Data Center
Data Management