A survey of 500 information technology decision-makers in Britain has found that a significant number of companies are stockpiling bitcoin in anticipation of a ransomware attack.

The survey, from the United Kingdom office of Citrix Systems Inc., found that 42 percent of those surveyed said their companies were hoarding bitcoin they could use to mitigate a future ransomware attack. And not insignificant amounts either. The average holding was 23 bitcoin, currently worth $62,480 at today’s exchange rate. Hackers undertaking ransomware attacks usually ask for payment in bitcoin, because the transactions are anonymous.

Smaller companies are actually more likely to keep a ready supply of bitcoin on hand than larger businesses, with 50 percent of businesses between 250 and 500 employees stockpiling the digital currency, while large businesses with 1,000 or more employees seemed less concerned, with only 24 percent saying that they had a ready supply of bitcoin on hand should they face the worst.

The amount companies are willing to pay out in a ransomware attack, including those who did not hold bitcoin, also rose. Those surveyed said their companies were willing to pay an average of £136,235 ($176,500) to regain access to important intellectual property or business critical data, up 361 percent from the same survey undertaken last year. Notably, more companies are willing to pay a ransom should their businesses suffer from a ransomware attack, with the number of companies saying that they would not be prepared to pay a ransom dropping from 25 percent in 2016 to 22 percent this year.

While the stockpiling of bitcoin and willingness to pay ransom payments isn’t all that surprising in a post-WannaCry environment, the survey did find something deeply disturbing: More than half of large British businesses still don’t back data up at least once a day.

“Cybercriminals employ ransomware to exploit the vulnerabilities that exist within British organizations,” the company said in a blog post. “Many businesses are still being caught out. Organisations must ensure they’re prepared for this very real threat. They must take positive steps to safeguard the IT network, and to protect mission-critical data.”

Image: Pixabay