Nigerian companies at mercy of cybercriminals, as 70% pay for ransomware attack
Cybercriminals increased their attacks on Nigerian businesses in 2021, exploiting business owners with ransomware, as 5,600 small and medium enterprises in 31 countries fell victim.
According to Global cybersecurity firm, Sophos, in its ‘State of Ransomware 2022’ report, cybercriminals attacked 71 percent of businesses last year through ransomware.
Ransomware is an extension of malware, used to paralyze the system of an organization by cybercriminals who take possession of an organization’s database, and places encryption key, to deny the company access.
In order for organizations to have access to the stolen files, they have to pay for the encryption key. And according to Sophos, 40 percent of companies in Nigeria caught in the web paid in exchange for the key despite having backup data.
It was gathered that the organizations prefer to recover the stolen database due to the cost and time needed to deploy the backup data. Sophos also stated that some business’s backup data might not be up to date.
“The survey shows that, globally, the proportion of victims paying the ransom continues to increase, even when they may have other options available.” the report stated.
It further explained that, “There could be several reasons for this, including incomplete backups or the desire to prevent stolen data from appearing on a public leak site.
But the cybersecurity firm said the Nigerian companies put their organization at risk by paying to recover the encrypted data, as the cybercriminals could have put a backdoor in the recovered data, which would enable the hackers gain access to more files or further mess with the organization’s system.
“It’s also an option fraught with risk. Organizations don’t know what the attackers might have done, such as adding backdoors, copying passwords and more.
“If organizations don’t thoroughly clean up the recovered data, they’ll end up with all that potentially toxic material in their network and potentially exposed to a repeat attack.” Sophos said.