ENTERPRISE SECURITY

Staying a Step Ahead of Ransomware

BRIAN WALLACE | November 16, 2021

Ransomware attacks are becoming more frequent and far more detrimental to business operation, software infrastructures, privacy safety, and information security. In 2020, the frequency of ransomware attacks grew by 7x or more. This upward trajectory is projected to continue with a minimum of 3 out of 4 IT organizations being confronted with at least 1 ransomware attack by 2025. The true cost of ransomware attacks is up to a whopping $20 billion - the total global ransomware damage costs predicted for 2021.


Ransomware attacks often halt business operations, costing businesses up to 23x more than the ransom itself. The costliness of ransomware attacks varies slightly by enterprise size. In 2019, small to medium enterprises (SMEs) represented 98% of claims.In 2019 alone, ransomware claims ranged between $2,500 and $10.1M, with an average claim of $424,000. Often disregarded when tallying ransomware attack damages, business interruption loss also takes a hefty financial toll on businesses. That same year, for SMEs, the average cost of businesses due to interruption was $1.2 million per incident, with the highest cost being $6.5 million.
The heaviest post-attack costs are data loss, insurance premium increases, and heightened risk of reinfection. 82% of ransomware attack victims report significant data loss, and on average, 61% of ransomware attack victims have lost data to corruption. Insurance premium increases are also financially draining. In the first quarter of 2021, premiums increased 29% in January, 32% in February, and 39% in March. For high-risk organizations, premium increases of up to 50-60% may become the norm. On average, deductibles were raised to $1 million, encouraging more insurance clients to opt for cyber coverage, which has increased from 26% in 2016 to 47% in 2020. Reinfection rates pose financial threats as well. Reinfection occurs 80% of the time with 46% of victims suspecting that it was the same attackers. These damages that ransomware attacks leave behind are worth bracing against.


In 2021, the ransomware group Avaddon made headlines after announcing that they were shutting down. Officially, the group had 88 known victims, but decryption keys were released for 2934 victims. While the full extent of Avaddon’s schemes has yet to be uncovered, it has been safely concluded that if all the victims paid the average reported amount, the group made about $1.8 billion. Unfortunately, just 3% of victims reported Avaddon’s attacks.
Many organizations still think of ransomware as one-off attacks, like the infamous WannaCry attack in 2016.  Today, ransomware is far more complex and many are multifaceted. Ransomware attacks may be deployed along with network penetration (compromising your organization’s network with stolen credentials and/or malware), credential harvesting (collecting login credentials for critical systems, such as Domain Name System (DNS)), attacking backups (data storage can provide a roadmap to what information is most sensitive), and/or double extortion (thread of publicizing data theft after a ransomware attack — often in response to companies saying they won’t pay).  With the pandemic’s reorientation toward remote work and learning, cyber businesses and cyber education are backbones of today’s society, which makes securing them crucial.  Failing to do so can breed a slew of downstream issues including job losses and business losses among a plethora more.


There’s never been a better time to protect your business from ransomware. The best ways to do so are to stay up-to-date, increase employee awareness, back up data, and adopt malware detection. Staying up-to-date involves keeping track of patches and software updates, which are key to protecting yourself against ransomware. Increasing employee awareness entails empowering employees to assess whether an attachment, link, or email is trustworthy. It’s critical to keep data backed up on external devices to aid recovery should there be an attack. Last but not least, adopting malware detection, early detection of suspicious activity, is your first line of defense. 

Become a contributor

Spotlight

One Identity

One Identity helps organizations establish an identity-centric security strategy with Identity Governance and Administration (IGA), AD Account Lifecycle Management and Privileged Access Management (PAM) solutions.