The global and independent platform for the SAP community.

How Not To Do It

Maybe you recently heard about one of the few ransomware attacks with a good outcome concerning Maastricht University?
Reiner Dresbach, Cybereason
September 30, 2022
avatar
This text has been automatically translated from German to English.

Digital ransomware not paying

Maastricht University, for example, will get back the ransom it paid in a ransomware attack in 2019. And because the criminals' account, which has since been seized, was filled with cryptocurrency, the university will now also receive Bitcoins - which are now worth many times more than they were back then. However, this stroke of luck should not be a model for other institutions and companies to pay digital ransom. The following still applies: It is not worth paying!

The numbers away from Maastricht University speak for themselves. In the study "Ransomware: The True Cost to Business 2022", a very different picture emerges around ransomware attacks: Thus, a large proportion of companies (82 percent) that had paid a ransomware claim became victims of attackers again. But not only that! More than half (63 percent) also had to pay more the second time than the first time they were attacked. A full 66 percent of respondents who were victims of ransomware a second time were targeted again by the same attackers.

If that is not enough proof that you should not pay, you can also take a look at the costs and benefits of ransom payments: On average, respondents in Germany paid just under half a million euros in ransom. But only just under 30 percent of the companies that paid got their data and systems back without any problems. In the 70 percent of other cases, problems arose because some of the returned data was damaged or the data thieves' encryption keys did not work properly. For the high sums of money demanded, this is a risky gamble with poor prospects.

So unless it's a matter of life and death, for example because vital and acutely necessary medical data is encrypted, companies should not respond to ransomware scammers' demands. 

avatar
Reiner Dresbach, Cybereason

Reiner Dresbach is Vice President Central at Cybereason


Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork.

Venue

More information will follow shortly.

Event date

Wednesday, May 21, and
Thursday, May 22, 2025

Early Bird Ticket

Available until Friday, January 24, 2025
EUR 390 excl. VAT

Regular ticket

EUR 590 excl. VAT

Venue

Hotel Hilton Heidelberg
Kurfürstenanlage 1
D-69115 Heidelberg

Event date

Wednesday, March 5, and
Thursday, March 6, 2025

Tickets

Regular ticket
EUR 590 excl. VAT
Early Bird Ticket

Available until December 24, 2024

EUR 390 excl. VAT
The event is organized by the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes attendance at all presentations of the Steampunk and BTP Summit 2025, a visit to the exhibition area, participation in the evening event and catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due course.