Many companies’ main incentive to pay a ransom is to ensure they can get back up and running again. For organizations that may not have extensive backups in place, or run critical services that cannot afford to be offline for any length of time, this can reduce the overall impact of the attack, and may end up costing them far less in the long run compared with the time and investment needed to rebuild systems or compensate customers.
However, there are also many disadvantages of paying a ransom. Firstly, it greatly increases the chances that businesses will be subject to repeat attacks. Indeed, it’s estimated that 80 percent of businesses that pay to regain access to their files are attacked for a second time.
What’s more, even if firms do make a ransom payment, this is no guarantee that they will regain access to their data. On many occasions, decrypted or returned data may be incomplete or corrupted, and will require significant time to organize and verify, while in some cases, hackers may simply take the money and disappear.