Ransomware in the UK

Organisations pay ransoms if the compromised data is confidential - or because the ransom is relatively small.


Trend Micro have been analysing a survey of over 300 UK organisations with 1000+ employees. Organisations that have not experienced a ransomware attack claim they would not pay up if their organisations were targeted.

  • 74% of those who had not experienced a ransomware attack say they would never pay

However, those who have been victimised have a different opinion.  65% of them admit they have paid a ransom. 

It seems those who are unaffected are unaware of just how sophisticated and mature the business models of cybercriminals have become.  Once they have become targets, organisations realise they cannot operate without the lost data.   About 20% of organisations that do pay never get back their data.

  • 44% of UK businesses have been infected by ransomware in the ast two years.  And 27% of those have been targeted more than once. 
  • For those who are targeted a third of their employees were affected – along with approximately 30% of their customers.
  • 37% of organisations pay a fine because they are afraid they will face a fine
  • Others pay because the ransoms asked are relatively low
  • The average amount organisations pay is £540

Sources: ITProPortal.