US-focused ransomware report highlights serious financial damage
I routinely discuss the dangers of ransomware here at Bytagig. If you keep up with Bytagig’s blog, it’s another “oh boy, Doug’s on another ransomware tangent again.” And I hear you, it’s an exhausting subject. But it’s one that bears discussing, because the fallout of a ransomware attack is costly. It’s where the blurry idea of ransomware danger and the actual fallout merge.
Mimecast recently published a report based on a survey of cybersecurity teams, aiming to get a fuller picture of the damage ransomware attacks incur. 742 teams were surveyed, revealing some harrowing statistics about attack volume and cost. For example, 80% of those teams had been hit by a ransomware attack within the past two years.
Nearly two in five of those hit with ransom demands, 39%, paid out. And how bad were the damages? Why, the low, low amount averaging about $6,300,000 per attack. Or, $6,312,190 to be exact. On the other side, roughly 40% of those attacked did not pay a ransom, while the remaining 13% negotiated the initial demand down.
How did these attacks occur?
You’ll be shocked to hear that the majority of the ransomware (and other attacks) arrived mainly via phishing schemes. Over half of the respondents named phishing as the primary delivery method, which is unsurprising given the prolific role of social engineering and its effectiveness. In most of those cases, the ransomware was delivered as an attachment to a phishing email targeting the business.
Other surveyed victims said they were hit through “drive-by” ransomware downloads and weaknesses in their web security.
Even with those costs and the damage related to data loss, there’s an even scarier fact: just under half of those surveyed said they had no backup options at all. No backup and disaster recovery (BDR) plan, no way to recover lost information, and no response plan for a ransomware or malware attack.
The other half did have backup measures in place, but greatly desired larger budgets to improve their BDR strategies. Executives tolerated these lethargic policies because of their confidence in their ability to recover data. So much so that 83% of surveyed executives declared they could get their information and data back without paying any ransom. In a further display of brazen confidence, 77% believed they could return to normal operations within 2 to 3 days of a ransomware attack.
As you can clearly see from the previous statistics, that isn’t true. And, depending on how widespread this mindset is, it reveals another problem with the approach to cybersecurity, specifically where ransomware is concerned. While bravado against ransomware gangs and related threats is admirable, it underestimates a serious problem. Is it because executives and IT teams don’t want to spook investors and customers? Possibly. But if that’s the case, you know what frightens them more? An actual breach.
It’s worth noting that, despite the majority claiming they could recover without paying or could return services to normal within days, roughly 40% of those attacked still paid the demanded ransom.
The costs continue
The pain does not stop with the ransom payment. In fact, costs continue to bleed the enterprise’s bottom line well beyond the breach date. That’s because of losses associated with downtime, brand damage, and customer dissatisfaction, to name a few. Others include the costs of recovery and possible infrastructure replacement. In the survey, 40% of those attacked experienced downtime and service disruptions.
Now you get a sense of the bigger IT picture. Hundreds of competent, tech-reliant businesses are routinely targeted by ransomware operations in some capacity. The cost is severe, both during the attack and long after it.
The next time you feel uncertain about the havoc ransomware can cause, just look to the numbers.