Imagine your business becomes the target of a ransomware attack. The situation is dire, and you need access to your data. You decide to pay the ransom, even though all security professionals advocate for the opposite. The worst is behind you, you think. This is unfortunately not the case; there are countless other costs that ransomware can bring to the table, and none of them are good. Let’s examine the true cost of ransomware beyond just the ransom.
According to a survey from Software-as-a-Service review website GetApp, of the 300 business leaders they interviewed who suffered from a ransomware attack, about 11% of respondents claimed the ransom as the most significant impact as a result of a ransomware attack.
Double-extortion is one big reason for this. It has grown in popularity with hackers, and according to the survey, 60% of respondents found that in addition to their data being stolen, hackers have threatened to leak the data online unless payment has been received.
DDoS attacks are also another common way that hackers can harm your business in addition to the ransom. DDoS attacks launch immense amounts of traffic at your network to the point where it is forced to shut down. They are often used to bring down websites or services rendered, as well as possibly opening up other opportunities for data breaches.
The multi-pronged approach to ransomware attacks has proven to be quite successful for hackers. The survey indicates that 31% of those targeted by ransomware claimed they would pay the ransom, with the rate almost doubling to 58% if the above multi-faceted approach is used. GetApp found that 64% of businesses dealt with ransomware and a DDoS attack, 51% dealt with ransomware and data theft, and 23% dealt with all of the above.
The survey also indicates that businesses don’t see the ransom as the primary consequence of the attack. Only about 42% did see the ransom as the biggest problem, whereas 21% saw minimal impacts. On a similar note, 43% of businesses suffered reputational damage, whereas 26% were not impacted much at all.
GetApp’s research also showcases that lost productivity is a critical part of any ransomware attack. 70% of businesses indicated that they felt it as a major impact, whereas only 13% thought of it as a minimal impact. The lost productivity was seven hours or more with 69% reporting that they suffered for that long. 8% of respondents claimed that ransomware plagued them for a week or longer. Furthermore, as you can imagine, ransomware can alienate your clients. 62% of respondents claimed they had lost a client due to ransomware attacks, and 38% indicated they have lost multiple clients.
All things considered, ransomware is expensive and can be devastating to unprepared businesses. 49% of respondents to the above survey who paid the ransom paid up to $50,000, but 34% had to pay the same amount, despite not paying the ransom itself.
Ransomware is something you would rather avoid than deal with, so let’s talk about how you can keep your exposure to it at a minimum.
Phishing is the leading cause of data breaches, and it is the preferred method of spreading ransomware. If you keep your team in-the-know about how to identify phishing scams, you can ensure they will address them appropriately. We recommend training them and following up regularly with simulated testing.
Software vulnerabilities are nothing new, but ransomware can leverage them just as well as any other threat can. This is why it’s so important for you to keep your systems up to date, especially if your software is no longer supported by the developers. It also doesn’t hurt to isolate your network from potentially unpatched devices by setting up a dedicated network for these devices or for guests to use.
We want to ensure that your business is protected from ransomware threats. Let the professionals at Horne & Benik help you out. To learn more, contact us at (603) 499-4400.
Comments