Techrecipe

Companies that paid ransomware ransom, 80% will be attacked for the second time

According to cybersecurity firm Cyberreason, ransomware attacks are occurring at an average rate of once every 11 seconds, and damage is expected to reach $20 billion in 2020 alone. According to an FBI survey, damage in the United States alone has increased by 225% compared to the previous year.

The number of organizations responding to this survey was 1,263. Of these, 66% said they had lost revenue as a direct result of ransomware attacks. In addition, there was little to no effect on the size of the company. Breaking down by region, Spain had the highest rate of loss among the responding organizations, reaching 80%.

It is also said that the majority of organizations that had been attacked by ransomware in the past and decided to pay ransom had nothing to do with the next attack. In fact, 80% of the organizations that paid the ransom were attacked again, and half of them said that they were attacked by the same group that carried out the first attack. Related information can be found here.

Meanwhile, cyber attacks using ransomware that forcefully restrict access to the system and demand a ransom have been increasing recently. Colonial Pipeline, the largest oil pipeline company in the United States, and JBS, the world’s largest meat processing company, have suffered damage. Due to this increase in ransomware, it is reported that the ransom payment for ransomware attacks in the United States may be tax deductible.

Although there is no official guideline for paying ransomware ransom, the tax accountant and accountant have revealed that victims report the damage as an ordinary and necessary expense. However, reports are using the phrase that the ransomware ransom is likely to be tax deductible. This is because the IRS, which is responsible for the enforcement and collection of federal taxes, is waiting for an official reply that if the IRS announces that the ransom is eligible for tax deduction, it will give companies an incentive to pay the ransom.

In the case of the Colonial Pipeline incident in May 2021, a ransomware attack resulted in a company shutdown, resulting in a five-day fuel cut off the US East Coast, causing panic due to a lack of gasoline. As can be seen from this case, in the event of a ransomware attack, not only the affected company but also society as a whole may be affected, but the FBI insists that the ransom should not be paid, and the US government does not officially recommend paying the ransom. say no

For this reason, it is only an expression that the ransom payment may be tax-deductible, but it also explained specific precautions when reporting that the ransom paid by the insurance company is not tax-deductible. An IRS spokesperson also said it was aware of the ransomware tax credit and is investigating. Related information can be found here.