Okay, let’s say you’ve been infected by a ransomware attack, and (against our advice) you’ve elected to pay the ransom. That’s the biggest cost that comes with it, right?
Unfortunately, wrong. A ransomware attack comes with a lot more financial impact than just the payment the attacker demands. Let’s go over some of these other costs that can actually outpace that of the ransom.
According to a survey that Software-as-a-Service review site GetApp conducted of 300 business leaders whose businesses had been victims of ransomware, only 11% of respondents considered the ransom payment itself to be the most consequential impact.
Multifaceted extortion is becoming a favorite tactic of many attackers, with 60% of those surveyed having experienced it in tandem with the ransomware attack. In addition to locking down the target’s files, an attacker will often steal them and later threaten to leak them on the Internet unless another payment is received. Alternatively, a business may be targeted by a distributed denial of service (or DDoS) attack—where an attacker floods their target’s servers with traffic, overloading them and crashing their website and exposing them to potential data breach.
This kind of multifaceted extortion has also proved very effective indeed. Whereas the survey found that only about 31% of those targeted by “vanilla” ransomware would pay up, that rate nearly doubled when multifaceted extortion came into play. In those cases, 58% of targeted businesses shelled out the ransom.
According to GetApp, 64% of the businesses they surveyed who had experienced multifaceted extortion were struck by ransomware and DDoS traffic, 51% were hit with ransomware and data theft, and 23% had to deal with all three.
Believe it or not, those businesses that GetApp surveyed didn’t see the actual ransom payment as the worst of their experienced impacts. In fact, only 42% did, with 21% seeing minimal repercussions from it. The same went for the reputational impact that these businesses saw—slightly more saw major impacts at 43%, but more also saw no or minimal impact at 26%.
Far and away, GetApp’s research indicated that the biggest impact, felt by the most businesses as a result of their ransomware infection, was the lost productivity they suffered. A full 70% of surveyed businesses ranked the effect ransomware had on their productivity as a major impact, with just 13% saying the impact was minimal. And no wonder… ransomware can potentially render your entire business inert for the time it takes to resolve the threat and restore from a backup.
The vast majority of those surveyed (69%) also found themselves cut off from their business systems for at least seven hours, 8% dealing with the attack for at least a week. We also need to discuss the fact that ransomware can also lead to a loss of clients. 62% of surveyed business owners confirmed that ransomware had lost them a client, with 38% stating that multiple clients had left them.
All of these factors combined, it is little wonder that ransomware is an extremely costly attack to deal with. Out of those surveyed, 49% of those that paid had costs over $50,000, all said. However, the same could be said for 34% of those that didn’t pay.
So, since it is clear that ransomware is something that it's best not to have to deal with at all if you can help it, let’s dive into how you can help keep it from darkening your doors.
Phishing is no joke on its own, and is often used as a way to spread cyberattacks like ransomware. You need to know that your team is trained on how to spot, recognize, and report potential phishing attacks. Phishing simulations are an effective way to stress-test your team members and gauge their preparedness.
Alternatively, some ransomware can sneak in through a software vulnerability. Keeping everything on your network updated and replacing hardware and software once security updates are no longer provided is an important element of your security. On a related note, any devices that don’t frequently receive these patches—things like Internet of Things devices and the like—should be isolated on a separate network to prevent a threat from piggybacking on one of them to access your business.
Reach out for assistance in locking down your business’ network against a wide variety of threats, ranging from ransomware to the various others that cybercriminals can, do, and will use against you. Give us a call at 561-795-2000 to get started.