The cost of ransomware attacks cannot be measured by the ransom payments that hackers collect. In fact, ransom payments are just a small part of the costs experienced by companies that have been attacked with ransomware.
Consider the recent WannaCry ransomware attacks as an example. The individuals behind that campaign were charging $300 per infected device to hand over the keys to decrypt data. The amount gathered by those individuals was a little over $100,000 on Monday this week, even though the attacks involved data being encrypted on around 300,000 devices.
However, the cost of ransomware attacks is much higher. The biggest cost of ransomware attacks for most companies is downtime while the infection is addressed. Even if the ransom is paid, businesses often lose a week or more while the infection is removed and systems are brought back online. One Providence law firm experienced three months of downtime while systems remained locked.
Then there is the ongoing disruption while businesses catch up from the loss of productivity after the attack. The NHS was still suffering disruption more than a week after the attacks on Friday, May 12.
Ransomware attacks can also involve loss of data and damage a company’s brand. Normally, following a ransomware attack, a forensic analysis of IT systems must be completed to ensure all traces of malware have been removed. Checks also must be performed to look for backdoors that may have been downloaded. Many companies do not have the staff to perform those tasks. Cybersecurity specialists must therefore be brought in. Additional cybersecurity solutions must also be bought to ensure further attacks are prevented. The cost of ransomware attacks is therefore significant.
The WannaCry ransomware attacks have been calculated to have cost companies in excess of $1 billion. KnowBe4 CEO Stu Sjouwerman said, “The estimated damage caused by WannaCry in just the initial 4 days would exceed a billion dollars, looking at the massive downtime caused for large organizations worldwide.”
The cost of ransomware attacks in 2015 was calculated at $325 million, although figures from the FBI suggest that total was passed in the first quarter of the year. The overall cost of ransomware attacks in the year was estimated to have reached $1 billion. Recently, Cybersecurity Ventures estimated the cost of ransomware attacks in 2017 will reach an incredible $5 billion. Given the expected costs of the recent WannaCry ransomware attacks, that could turn out to be an incredibly low estimate.
Hackers are not worried about the damage caused by the attacks, only the amount they can extort from companies. The returns may be relatively low, but they are sufficiently high to make the attacks worthwhile. More and more people are also getting in on the act by using ransomware-as-a-service. Not only are ransomware attacks likely to continue, major hacking gangs are likely to increase the scale of the attacks.
Companies should be aware of the huge cost of ransomware attacks and take proper action to prevent those attacks from happening. Having a backup of data may ensure that a ransom payment does not need to be made, but it will do little to prevent huge losses from being suffered if ransomware is downloaded.
Preventing ransomware attacks requires security awareness training for staff, advanced spam filters to stop ransomware from being delivered to end users’ inboxes, web filters to block individuals from accessing malicious URLs, endpoint protection systems to discover and block ransomware downloads, advanced firewalls, and antivirus and antimalware solutions.
Luckily, with appropriate defenses in place, it is possible to prevent ransomware attacks. Those solutions do come at a cost, but considering the losses from a successful ransomware attack, they are a small price to pay.