How Much Should You Expect To Pay When Ransomware Hits?
How Much Does Ransomware Really Cost?
What’s the actual cost of a ransomware attack? Did you know that there are expenses beyond the ransom itself? And what can you do now to avoid paying them in the future?
Earlier this summer, the rate of ransomware attacks grew to the point that Louisiana’s governor declared a state of emergency. After three school districts had been targeted by cybercriminals, the governor did what was necessary to provide these schools with the resources needed to protect themselves.
While no details have been released as to how much these school districts were asked to pay, it’s easily in the tens of thousands of dollars. A study by RiskIQ from this year found that one organization gets hit by ransomware every 40 seconds, with an average cost of $15,000. Regardless of what these school districts pay in the end, it won’t be cheap.
What about your business?
Could you wait more than a week after a ransomware attack to start turning your computers back on?
How long could you hold out before the loss of business and downtime would cause permanent damage to your bottom line?
How Does Ransomware Work?
In a ransomware attack, a criminal gains access to an organization’s computer systems. Typically, an unsuspecting employee opens an emailed attachment that appears to be an invoice or other official document.
In reality, the attachment installs malicious software (malware) on the computer. Once running, the malware gives the attacker a foothold from which to reach critical systems, often with full remote control and access to data. The ransomware then encrypts the files it can reach, on the infected machine and on any network shares it can write to, and demands payment for the decryption key.
Attackers are getting more sophisticated. Today the malicious code may also be planted on a website: when a user running an unpatched or insecurely configured browser or plugin visits the site, the malware is installed without any attachment being opened (a so-called drive-by download).
What Expenses Are Associated With Ransomware Attacks?
There are a number of key costs that come with a ransomware attack:
- The ransom itself. This is the most obvious cost, and it keeps going up. According to cybersecurity company Coveware, the average ransom rose from $6,733 in 2018 to $12,672 in 2019.
- Downtime. As Kaspersky notes, 34% of businesses hit by ransomware take up to a week to regain access to their data. During that week you are still paying for the outage: you can’t get work done, serve your clients or win new business, yet wages and the cost of keeping the lights on continue. Put simply, lots of expenses with no revenue.
- Damage control. Do you have to hire an IT company to recover? A forensics team to determine how you were attacked? Do you face fines for breaching HIPAA or FINRA regulations? All of these get added to the bill for getting hit by ransomware.
How Do You Protect Your Business?
Organizations should remain vigilant about safeguarding systems and educating employees. The FBI recommends focusing on two areas:
- Creating and frequently reviewing a robust business continuity plan that can be deployed in the case of a ransomware attack. Data should be backed up regularly. The backups should be inspected to verify that they maintain their integrity. Backups need to be secured and kept independent from the networks and computers they are backing up.
- Ensuring employees receive proper awareness training and that prevention controls are in place and comprehensive.
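The backup guidance above says backups should be inspected to verify that they maintain their integrity. The following PowerShell is an added example of one way to do that, not code from the original article: it writes a SHA-256 manifest when a backup is taken and re-verifies it later, reporting files that have gone missing, changed content (as they would if ransomware encrypted them in place) or appeared unexpectedly (renamed copies, ransom notes). The function names and the paths in the usage comment are assumptions for illustration.

```powershell
# Added example (not from the original article): SHA-256 manifest check for a backup set.
# Write the manifest when the backup is taken, store it where the backup network cannot
# write to it, and re-verify before you rely on the copy. Paths used here are assumptions.

function New-BackupManifest {
    param(
        [Parameter(Mandatory)] [string] $BackupRoot,   # folder holding the backup copy
        [Parameter(Mandatory)] [string] $ManifestPath  # CSV written OUTSIDE the backup folder
    )
    $root = (Resolve-Path -LiteralPath $BackupRoot).ProviderPath.TrimEnd('\')
    Get-ChildItem -LiteralPath $root -Recurse -File | ForEach-Object {
        [pscustomobject]@{
            RelativePath = $_.FullName.Substring($root.Length + 1)
            Length       = $_.Length
            Sha256       = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
        }
    } | Export-Csv -LiteralPath $ManifestPath -NoTypeInformation -Encoding UTF8
}

function Test-BackupManifest {
    param(
        [Parameter(Mandatory)] [string] $BackupRoot,
        [Parameter(Mandatory)] [string] $ManifestPath
    )
    $root     = (Resolve-Path -LiteralPath $BackupRoot).ProviderPath.TrimEnd('\')
    $expected = @(Import-Csv -LiteralPath $ManifestPath)
    $problems = New-Object System.Collections.Generic.List[string]

    # 1. Every file recorded at backup time must still exist with the same hash.
    foreach ($entry in $expected) {
        $full = Join-Path $root $entry.RelativePath
        if (-not (Test-Path -LiteralPath $full -PathType Leaf)) {
            $problems.Add("MISSING    $($entry.RelativePath)"); continue
        }
        $actual = (Get-FileHash -LiteralPath $full -Algorithm SHA256).Hash
        if ($actual -ne $entry.Sha256) {
            # A file encrypted in place keeps its name but its content (and usually size) changes.
            $problems.Add("MODIFIED   $($entry.RelativePath)")
        }
    }

    # 2. Files absent from the manifest (renamed *.locked copies, ransom notes) are suspicious too.
    $known = @{}
    foreach ($e in $expected) { $known[$e.RelativePath] = $true }
    Get-ChildItem -LiteralPath $root -Recurse -File | ForEach-Object {
        $rel = $_.FullName.Substring($root.Length + 1)
        if (-not $known.ContainsKey($rel)) { $problems.Add("UNEXPECTED $rel") }
    }

    if ($problems.Count -eq 0) { Write-Host "Backup verified: $($expected.Count) files intact." }
    return $problems
}

# Usage (assumed paths): run the first line right after each backup job, the second from a
# separate, trusted machine before a restore is attempted.
# New-BackupManifest  -BackupRoot 'E:\Backups\2019-08-01' -ManifestPath 'D:\Manifests\2019-08-01.csv'
# Test-BackupManifest -BackupRoot 'E:\Backups\2019-08-01' -ManifestPath 'D:\Manifests\2019-08-01.csv'
```

The manifest is only as trustworthy as the place it is kept: if it sits on the same share as the backup, an attacker who encrypts the backup can simply rewrite the manifest to match. Keep it on separate, offline or read-only storage, which is the same independence the FBI guidance asks of the backups themselves.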
7 Key Tips To Keep From Paying For Ransomware
Be sure to follow these tips, which are applicable to organizations, employees and individual computer users:
- All software, firmware and operating systems should be kept patched on desktops and mobile devices (including smartphones, tablets and laptops). A centralized patch management system makes coordinating this easier in large organizations.
- Confirm that anti-malware and antivirus settings are deployed to automate all updates and to continually conduct system and device scans.
- Have very clear access and authorization procedures in place. Do not provide administrative access to employees unless absolutely necessary. Administrator accounts should be used sparingly.
- Access controls should be configured so that shared permissions for directories, files and networks are restricted. The default settings should be “read-only” access to essential files, with limited permissions for write access to critical files and directories.
- Train your staff to ask themselves these key questions before opening an email or its attachments:
  - Do I know the sender of this email?
  - Does it make sense that it was sent to me?
  - Can I verify that the attached link or PDF is safe?
  - Does the email threaten to close my accounts or cancel my cards if I don’t provide information?
  - Is this email really from someone I trust, or does it just look that way? What can I do to verify?
  - Does anything seem “off” about this email, its contents or its sender?
- Macros in Office files received by email should be disabled, or blocked from running altogether.
- Software restriction policies or equivalent application controls should prevent programs from executing out of the locations where ransomware typically lands, such as user temp folders and the temporary folders used by the most common web browsers.
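The last two tips (blocking emailed macros and restricting execution from temp folders) are the ones most often left vague. The PowerShell below is an added example of how to apply both on a Windows machine; it is not code from the original article. It uses the Office 2016/2019 Group Policy registry keys for macro blocking and the registry keys the Software Restriction Policy snap-in writes for path rules. The list of blocked paths is an assumption to adjust for your environment, and in a real organization these settings would be delivered by Group Policy rather than a local script.

```powershell
# Added example (not from the original article): two of the controls above as PowerShell.
# (a) Block macros in Office documents that carry the mark-of-the-web, i.e. arrived by
#     email or download, via the Office 2016/2019 policy registry keys (HKCU = current user).
# (b) A Software Restriction Policy (SRP) that disallows execution from the temp and
#     profile folders droppers commonly write to, via the keys the SRP snap-in itself writes.
# The path list is an assumption; run elevated and test on one PC before rolling out.

$OfficeApps = 'Word', 'Excel', 'PowerPoint'

function Set-OfficeMacroPolicy {
    foreach ($app in $OfficeApps) {
        $key = "HKCU:\Software\Policies\Microsoft\Office\16.0\$app\Security"
        New-Item -Path $key -Force | Out-Null
        # 1 = macros in files from the Internet zone are blocked outright, not just warned about
        Set-ItemProperty -Path $key -Name 'blockcontentexecutionfrominternet' -Value 1 -Type DWord
        # VBAWarnings: 3 = disable all macros except digitally signed; 4 = disable all, no notification
        Set-ItemProperty -Path $key -Name 'VBAWarnings' -Value 3 -Type DWord
    }
}

# Locations ransomware stagers typically execute from (assumed list; extend for your browsers).
$BlockedPaths = @(
    '%TEMP%\*',
    '%LOCALAPPDATA%\Temp\*',
    '%LOCALAPPDATA%\Microsoft\Windows\INetCache\*',
    '%LOCALAPPDATA%\Google\Chrome\User Data\*\Cache\*',
    '%APPDATA%\*',
    '%USERPROFILE%\Downloads\*'
)

# Default SRP executable extensions; path rules only apply to these file types.
$ExecutableTypes = 'ADE','ADP','BAS','BAT','CHM','CMD','COM','CPL','CRT','EXE','HLP','HTA',
    'INF','INS','ISP','LNK','MDB','MDE','MSC','MSI','MSP','MST','OCX','PCD','PIF','REG',
    'SCR','SHS','URL','VB','WSC'

function Set-ExecutionRestrictionPolicy {
    $safer = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers'
    New-Item -Path $safer -Force | Out-Null
    Set-ItemProperty -Path $safer -Name 'DefaultLevel'        -Value 262144 -Type DWord  # Unrestricted by default
    Set-ItemProperty -Path $safer -Name 'TransparentEnabled'  -Value 1      -Type DWord  # check executables, skip DLLs
    Set-ItemProperty -Path $safer -Name 'PolicyScope'         -Value 0      -Type DWord  # 0 = all users incl. administrators
    Set-ItemProperty -Path $safer -Name 'AuthenticodeEnabled' -Value 0      -Type DWord
    Set-ItemProperty -Path $safer -Name 'ExecutableTypes'     -Value $ExecutableTypes -Type MultiString

    foreach ($p in $BlockedPaths) {
        # Level 0 = Disallowed. Each path rule is a GUID-named subkey under <level>\Paths.
        $rule = "$safer\0\Paths\$([guid]::NewGuid().ToString('B'))"
        New-Item -Path $rule -Force | Out-Null
        Set-ItemProperty -Path $rule -Name 'ItemData'    -Value $p -Type ExpandString
        Set-ItemProperty -Path $rule -Name 'SaferFlags'  -Value 0  -Type DWord
        Set-ItemProperty -Path $rule -Name 'Description' -Value 'Block execution from user-writable staging folders' -Type String
    }
}

Set-OfficeMacroPolicy
Set-ExecutionRestrictionPolicy
Write-Host 'Office macro and SRP path rules written; sign out and back in so new processes pick them up.'
```

Expect some legitimate software to run from %APPDATA% or %LOCALAPPDATA% (per-user installers, chat and meeting clients). Add Unrestricted (level 262144) path rules for those exceptions rather than loosening the deny rules, and watch the Application event log for SoftwareRestrictionPolicies events 865 (blocked by default level) and 866 (blocked by a path rule) during the pilot to see what the policy is actually stopping.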
If you’re not sure how to protect your organization against ransomware and other cybercrime threats, don’t try to “fake it ’til you make it”. Consult an IT company if you’re unsure about the state of your organization’s ransomware contingencies.