Shame and confusion lead to employees paying ransoms out of pocket
Shame and confusion lead to employees paying ransoms out of pocket

Whether out of shame for being victimized or confusion over what to do more than half of employees who fell victim to a ransomware attack decided to pay the ransom amount themselves, a recent survey found.

The study of 1,000 workers victimized by a ransomware attack, conducted by Intermedia, found that 59 percent paid the ransom out of pocket with 37 percent passing the cost along to their company. Millennials were more likely to pay themselves with 73 percent reporting that they had done so, but not far behind are company executives with 68 percent saying they had also reached into their own pockets to meet they cybercriminals demand.

The report cited two reasons behind the decision to absorb the cost. Shame and embarrassment certainly play a role in the person's choice to simply pay up and hopefully mitigate the damage, but lack of knowledge also plays a role as many companies do not tell their workers what to do when confronted by this situation.

“Organizations need to focus education efforts not just on what ransomware is, but what steps employees should take if they are impacted. Regular communication is especially important right now with new malware strains like BadRabbit posing as seemingly harmless Adobe Flash updates,” said Intermedia CTO Jonathan Levine.