“The knock-on effect of a data breach can be devastating for a company. When customers start taking their business—and their money—elsewhere, that can be a real body blow.” – Christopher Graham
In January 2021, we witnessed the largest ransomware demand in history: the $50 million ransom demanded from Acer by the REvil gang. Although the actual amount paid will be considerably less than the original demand, it is still extremely lucrative for cyber criminals.
Richard Hughes, head of technical cyber security at the A&O IT Group, commented: “Ransomware attacks are a major source of income for cyber criminals, with a huge reward for very little effort. The $50m demand is the highest currently known and while shocking, only serves to demonstrate the potential that the perpetrators see in this form of attack.”
According to Forbes, the average cost of ransomware doubled in the final quarter of 2019, to $84,116. Since then, we have had a massive shift in digital transformation, with almost the entire workforce moving to a work-from-home (WFH) environment. IT departments had to deploy devices to enable WFH, often with little to no added layer of security. This was an enticing invitation for cybercriminals to exploit the gaps in coverage and attack vulnerable networks through phishing, man-in-the-middle (MitM) attacks, social engineering, etc.
According to a recent survey by Gearbrain, this resulted in almost a 300% increase in the average ransom paid in 2020, to over $233,817. Cybercrime is projected to cost the world $10.5 trillion annually by 2025.
Is the cost of ransomware the only cost for organizations? The answer is no.
Cyber criminals are in the business of encrypting data and demanding a ransom in exchange for the keys to decrypt it. They are not in the business of maintaining data hygiene while they have possession of the data. There is no guarantee that an organization will get all of its data back fully decrypted and usable once the ransom is paid. Recovering files from backup and restoring encrypted systems is often easier said than done.
Here are a few examples of ransomware attacks where the cost goes beyond just the ransom paid.
1) Danish transportation and logistics giant Maersk suffered $300M of business interruption losses due to a ransomware attack. The downtime forced a 20% drop in its shipping volume when it had to fall back to manual operations during the recovery effort, which required Maersk to re-install 4000 servers, 45,000 PCs, and 2500 applications over ten days.*
2) Erie County Medical Center (New York, USA), which lost access to 6000 computers, requiring six weeks of manual operations and a recovery process that ultimately cost US$10M.*
3) Tech vendor Nuance recently reported that a ransomware attack it suffered in the fall of 2017 cost it $68M in refunds to customers for service disruptions and another $24M in cleanup costs.*
Beyond the ransom amount paid, there is also the cost of downtime, lost customer confidence, legal and punitive damages, and brand damage.
Home Depot, a US retailer, reported a breach in their payment system. The size of the hack makes it more likely Home Depot will face steep costs. Billguard, a security protection firm, estimated costs as high as $3 billion for the company. It already faces a class-action suit on behalf of Canadian customers, launched by Saskatchewan lawyer Tony Merchant. He estimates up to four million Canadians may be affected by the breach.
DIY Home Decor? Yes!
DIY Cyber Security? NO!
There is a huge talent shortage in the world of cyber security, so for companies lacking the right expertise, it is difficult to build out a full team that can support their unique needs. Have a look at my other recent posts on XDR, MDR and MFA to understand how we can help you build a cyber security posture that fits your unique needs.