The cost of ransomware attacks cannot be measured solely by the amounts cybercriminals earn through ransom payments. In fact, ransom payments are just a tiny fraction of the costs experienced by businesses that have been attacked with ransomware.
Take the recent WannaCry ransomware attacks as an example. The individuals behind that campaign were charging $300 per infected device to supply the keys to decrypt data. The amount gathered by those individuals was a little over $100,000 on Monday this week, even though the attacks involved data being encrypted on approximately 300,000 devices.
However, the cost of ransomware attacks is far higher. The biggest cost of ransomware attacks for most businesses is downtime while the infection is dealt with. Even if the ransom is paid, businesses often lose a week or more while the infection is removed and systems are brought back online. One Providence law firm suffered 3 months of downtime while systems remained locked!
Then there is the continued disruption while businesses catch up on lost productivity in the aftermath of the attack. The NHS was still experiencing disruption more than a week after the attacks on Friday, May 12.
Ransomware attacks can also involve loss of data and damage a company’s reputation. Typically, following a ransomware attack, a forensic analysis of IT systems must be conducted to ensure all traces of malware have been removed. Checks also must be performed to look for backdoors that may have been installed. Many businesses do not have the staff to perform those tasks. Cybersecurity experts must therefore be brought in. Additional cybersecurity solutions must also be purchased to ensure further attacks are prevented. The cost of ransomware attacks is therefore considerable.
The WannaCry ransomware attacks have been estimated to have cost businesses more than $1 billion. KnowBe4 CEO Stu Sjouwerman said, “The estimated damage caused by WannaCry in just the initial 4 days would exceed a billion dollars, looking at the massive downtime caused for large organizations worldwide.”
The cost of ransomware attacks in 2015 was an estimated $325 million, although figures from the FBI suggest that total was reached in the first quarter of the year. The final cost of ransomware attacks in the year was estimated to have reached $1 billion. Recently, Cybersecurity Ventures predicted the cost of ransomware attacks in 2017 will reach an incredible $5 billion. Given the expected costs of the recent WannaCry ransomware attacks, that could turn out to be an incredibly conservative estimate.
Cybercriminals are not concerned about the damage caused by the attacks, only the amount they can extort from businesses. The returns may be relatively low, but they are sufficiently high to make the attacks profitable. More and more individuals are also getting in on the act by using ransomware-as-a-service. Not only are ransomware attacks likely to continue, but major cybercriminal gangs are also likely to increase the scale of the attacks.
Businesses should be aware of the huge cost of ransomware attacks and take appropriate action to prevent those attacks from occurring. Having a backup of data may ensure that a ransom payment does not need to be made, but it will do little to prevent huge losses from being suffered if ransomware is installed.
Preventing ransomware attacks requires security awareness training for employees, advanced spam filters to stop ransomware from being delivered to end users’ inboxes, web filters to block individuals from accessing malicious URLs, endpoint protection systems to detect and block ransomware downloads, advanced firewalls, and antivirus and antimalware solutions.
Fortunately, with appropriate defenses in place, it is possible to block ransomware attacks. Those solutions do come at a cost, but considering the losses from a successful ransomware attack, they are a small price to pay.