Ransomware is a form of malware that infects your computer and encrypts all accessible files, rendering them unusable. The malware can also spread rapidly through a network, infecting many computers in a short amount of time, each demanding a separate ransom. Each device is essentially locked down and unusable until the ransom is paid, generally via a cryptocurrency such as BitCoin which is virtually untraceable. Even when you have a network of just 15-20 computers, the ransoms can add up very quickly to tens of thousands of dollars, but the ransom isn’t the only thing that can cost you a significant amount of money. You must also account for lost productivity, missed deadlines, clean-up costs, and potential reputational damage when calculating the average cost of a ransomware attack.
Let’s start with the ransom. While the average ransomware demand used to be as high as $1435 per device back in 2016 it is now sitting at around $725, up from $392 in 2015. If you choose to pay the ransom for your business which has a network of 15 computers, you’ll have a total cost of $10,875. But remember, even if you pay the ransom, there is no guarantee of getting your files back. In some cases, you will be asked to pay another ransom, or the attackers will simply walk away with your money. If you decide to pay the ransom, you also run the risk of being hit again in the near future. So, it’s best to take precautions before you are hit by a ransomware attack to give your business the best chance of a quick recovery.
Now for the other costs involved, which can potentially be far more than the ransom. A ransomware attack in most cases will have productivity reduced to zero for at least one full day, but depending on the size of your network and how much data has been encrypted, it could be anywhere from a couple of days to a couple of months or more of downtime. One example of these additional costs were shown by a Rhode Island law firm which was subject to an attack in 2016. Even though the firm eventually paid the US$25,000 ransom, they had been unable to access any of their files for three months, which they estimate cost their business a staggering US$700,000 in lost productivity.
Another aspect to consider is the clean-up costs. Even if you are fortunate enough to get your files back with a decryption key after paying the ransom, many businesses find that it takes several hours or even days to decrypt and recover their data, and get their systems fully operational. If you follow government recommendations and don’t pay to get the decryption key you will be faced with a lengthy process of establishing whether the virus has hit shared infrastructure, which files have been affected and if you have secure backups to restore from. However, even backups can be infected, so you may have to restore from further back in time which will mean all of your most recent data is lost.
All of these factors can have a fairly significant impact on a business’s reputation, particularly any business which stores extremely sensitive information such as a medical facility which are common targets of ransomware due to the type of information they keep, or information technology industries which are expected to keep data safe. Most customers have a certain expectation that when they give out their personal, sensitive information, the company they are giving it to will take every precaution to keep it safe. When there is a breach in security and this sensitive information is in the hands of criminals to do with as they please, the affected company loses the trust customers have placed in them, which is extremely difficult to recover from.
As you can probably see, with all of these possible variables it is difficult to be accurate in determining an average overall cost of a ransomware attack, but if the attacker is successful in their attempts, it inflicts severe financial damage. The clean-up costs could easily go into hundreds of thousands, even more for a larger company, and it would be quite hard to put a dollar figure on reputational damage.
How Powernet Can Help
At Powernet, we understand the unique challenges of organisations and have helped a range of business improve their cybersecuirty.