Ransomware Costs You More than Just the Ransom

According to Those Who Paid Up, the Ransom Wasn?t the Worst Part

According to a survey that Software-as-a-Service review site GetApp conducted of 300 business leaders whose businesses had been victims of ransomware, only 11% of respondents considered the ransom payment itself to be the most consequential impact.

Multifaceted extortion is becoming a favorite tactic of many attackers, with 60% of those surveyed having experienced it in tandem with the ransomware attack. In addition to locking down the target?s files, an attacker will often steal them and later threaten to leak them on the Internet unless another payment is received. Alternatively, a business may be targeted by a distributed denial of service (or DDoS) attack?where an attacker floods their target?s servers with traffic, overloading them and crashing their website and exposing them to potential data breach.

This kind of multifaceted extortion has also proved very effective indeed. Whereas the survey found that only about 31% of those targeted by ?vanilla? ransomware would pay up, that rate nearly doubled when multifaceted extortion came into play. In those cases, 58% of targeted businesses shelled out the ransom.

According to GetApp, 64% of the businesses they surveyed who had experienced multifaceted extortion were struck by ransomware and DDoS traffic, 51% were hit with ransomware and data theft, and 23% had to deal with all three.

We Still Haven?t Gotten to the Worst Part

Believe it or not, those businesses that GetApp surveyed didn?t see the actual ransom payment as the worst of their experienced impacts. In fact, only 42% did, with 21% seeing minimal repercussions from it. The same went for the reputational impact that these businesses saw?slightly more saw major impacts at 43%, but more also saw no or minimal impact at 26%.

Far and away, GetApp?s research indicated that the biggest impact, felt by the most businesses as a result of their ransomware infection, was the lost productivity they suffered. A full 70% of surveyed businesses ranked the effect ransomware had on their productivity as a major impact, with just 13% saying the impact was minimal. And no wonder? ransomware can potentially render your entire business inert for the time it takes to resolve the threat and restore from a backup.

The vast majority of those surveyed (69%) also found themselves cut off from their business systems for at least seven hours, 8% dealing with the attack for at least a week. We also need to discuss the fact that ransomware can also lead to a loss of clients. 62% of surveyed business owners confirmed that ransomware had lost them a client, with 38% stating that multiple clients had left them.

Whether or Not the Ransom is Paid, Ransomware is Expensive

All of these factors combined, it is little wonder that ransomware is an extremely costly attack to deal with. Out of those surveyed, 49% of those that paid had costs over $50,000, all said. However, the same could be said for 34% of those that didn?t pay.

Ransomware is Better Avoided

So, since it is clear that ransomware is something that it’s best not to have to deal with at all if you can help it, let?s dive into how you can help keep it from darkening your doors.

Prevent Phishing Attacks

Phishing is no joke on its own, and is often used as a way to spread cyberattacks like ransomware. You need to know that your team is trained on how to spot, recognize, and report potential phishing attacks. Phishing simulations are an effective way to stress-test your team members and gauge their preparedness.

Manage Your Patches

Alternatively, some ransomware can sneak in through a software vulnerability. Keeping everything on your network updated and replacing hardware and software once security updates are no longer provided is an important element of your security. On a related note, any devices that don?t frequently receive these patches?things like Internet of Things devices and the like?should be isolated on a separate network to prevent a threat from piggybacking on one of them to access your business.

We Can Help You Prepare for Ransomware

Reach out for assistance in locking down your business? network against a wide variety of threats, ranging from ransomware to the various others that cybercriminals can, do, and will use against you. Give us a call at (603) 889-0800 to get started.

Related Posts

Tip of the Week: Zip and Unzip Compressed Files

Have you ever seen the file types that look like normal folders, but they have a zipper on the icon? These are ZIP files, and they are helpful for a variety of reasons. We’re sure you have encountered zipped files throughout your time using technology, and today, we want to demystify them a little bit and show you how to use them effectively. What are Zipped Files? The easy way to explain a ZI...

Are Your Recovery Expectations Lined Up with Your Capabilities?

Let?s discuss the different perspectives to take into account as you establish your RTO and RPO standards. RTO and RPO Establish Where the Point of No Return Lies Just to contextualize what we mean when we reference your recovery time objective and recovery point objective, these metrics describe the worst-case scenario that you could still operate within. When it comes to your RTO, it is how lo...

You Need to Have a Business Continuity Plan for Your SMB

Business technology is known to be remarkably finicky, particularly if you do not have the requisite knowledge to manage and maintain it. After all, there is a reason why you hire an IT department or a managed service provider to handle this role. What happens if your technology fails, though? Do you have a plan in place? What does a plan like this even look like, anyway? Let’s dig into the detail...

Strategies to Control Your Passwords

Passwords are the keys to digital access, but they're often not treated as keys; meaning they aren’t always protected by their users. Unfortunately, people don’t always do everything they can to protect their passwords and there are a lot more scammers out there than pickpockets. Effective password management is crucial for any business. It works to maintain the security of online accounts and se...