When ransomware encrypts a computer file system it can cause irreversible data loss. Even more alarming, cybercriminals are increasingly using ransomware to freeze systems and extract money from their victims. Ransomware losses for businesses average $2,500 with some organizations willing to pay $1 million or more to decrypt their data.
The Beazley Group found small- to medium-sized businesses are at the largest risk. Its data reveals a 133 per cent increase in email-compromise incidents from 2017 to 2018.
Ransomware and your money
Sometimes the most expensive part of a ransomware attack is not the ransomware demand, but the loss in infrastructure and time:
- In 2019, the Baltimore government’s computer system was hit by ransomware that crippled the city for over a month. Recovery cost estimates were over $18 million. The cybercriminals demanded $76,000 in Bitcoin, but the attack impacted every aspect of its citizens’ daily life, including ATMs, airports, and hospitals.
- In 2017, the Atlanta city government spent over $17 million to recover from a ransomware attack. Again, the large amount wasn’t due to the ransom demand of $52,000 in Bitcoin, but the cost to recover.
- In 2017, despite FedEx’s knowledge of a threat to its Dutch subsidiary’s (TNT Express) systems, the company took a $300 million loss due to ransomware. The cost wasn’t a result of paying the ransom, but primarily how it impacted the company’s operations across Europe. Also of note is that FedEx did not have cybersecurity insurance in place to cover the loss.
As you can see, in many situations the ransom demand isn’t the biggest cost to your business – it’s the disaster recovery and system downtime costs.
Ransomware is an easy way for cybercriminals to make money. According to McAfee, ransomware grew by 56 per cent in the last four quarters.
- Dharma and Ryku ransomware are now the most-common variants and will continue to be the most common in 2019. (Source: Coveware)
- Cybersecurity Ventures predicts ransomware will cost $6 trillion annually by 2021.
- McAfee predicts some common ransomware targets will decrease. However, the company suggests cybercriminals will target less-common and more-vulnerable victims, including individuals with high-net values and connected devices (IoT).
- Palo Alto Networks predicts an increase in Mac ransomware this year.
- MIT predicts cloud-computing companies will see increased attacks against their systems. (Source: Computer Weekly)
Contact us to protect your small- to medium-sized business
An IT provider understands how to secure your systems and when you are vulnerable; knowing these things is key to protecting your organization’s bottom line. Should the worst happen, it’s also important to ensure you have the proper cybersecurity insurance in place to cover any recovery cost.
If you have questions about your organization’s security, we can help. Contact Michael Anderson.