More than half of all cyberattacks result in financial damages of more than $500,000, according to the Cisco 2018 Annual Cybersecurity Report.
Damages from ransomware, in particular, have increased 15-fold—a report from Cybersecurity Ventures found that costs shot up from $325 million in 2015 to $5 billion in 2017.
The steep costs associated with ransomware require us to understand what ransomware is and how an attack could affect your organization.
Ransomware is malicious software (malware) that encrypts your data and may even threaten to publish it until you pay a ransom. More often than not, the attacker is the only person who knows the key to decrypt your data.
You may be infected with malware if an email tricks you into opening a link or clicking on an attachment that launches the ransomware.
Ransom costs are usually paid in bitcoin to make the transaction, and the assailant, untraceable.
Everyone is a target for ransomware.
Small- and medium-sized businesses, in particular, are a target. The frequency of successful breaches for SMBs increase every day.
Without an incident response plan and protected data backup methods in place, SMBs risk losing thousands of dollars in ransom payments, plus incident response costs associated with restoring data and cleaning up breaches.
In fact, the cost of the fallout often costs much more than the actual ransom.
Cybersecurity firm Barkly highlights these costs in its True Cost of Ransomware report.
For example, a New York medical center paid 24 bitcoins, or $34,000, to retrieve its files after they were encrypted in 2017. However, the center estimated the total costs of the incident to be nearly $10 million over six weeks.
Another example is Bingham County, Idaho. Ransomware infected servers responsible for dispatching emergency responders. While the ransom payout was $3,500, the county estimates it paid $100,000 in associated costs for more than a year following the event.
In some cases, data is never retrieved, and the costs associated with losing that data can be devastating.
For medical practices and other regulated organizations, a ransomware attack may be classified as a "reportable breach," impacting the reputation of the organization, and costing additional money in fines and penalties.
The threat from ransomware can be mitigated with some basic security controls in place.
First, keep your operating system up to date. Some attackers can exploit security holes without even having to trick users.
Second, install antivirus software. This will help safeguard your computer against threats.
Third, have a secure backup solution that can’t be impacted by attacks. If a hacker tries to negotiate a ransom with you, ignore the deal and instead restore your backup.
Finally, practice security awareness by not clicking or opening things you’re unfamiliar with. Don’t respond to the email, and alert a member of your IT department about the suspicious email.
Take a few minutes to think through an email that seems a bit off. You could save your company thousands of dollars, if not millions, and a whole bunch of time and effort.