Ransomware is nothing new to businesses, companies and governments. Ransomware market has been around for a long time, causing data breach, encryption of data and damage to intellectual property. Companies, since have been in the midst of improving their cybersecurity across networks, although surveys have suggested that there are still a large number of businesses running without any cybersecurity software or ransomware recovery plans.
There have been some of the biggest ransomware attacks that have been recorded and observed so far, including WannaCry. The bigger the cyber attack, the bigger the damage. In 2015, the total financial loss was recorded to be at $300 million which soared to $5 billion in 2017.
By the end of 2019, the ransomware damages are expected to reach a staggering figure of $11.5 billion.
Actual Cost of Ransomware on Businesses
The ransom that the business has to pay when its data is held hostage by cybercriminals through encryption is far less than the actual cost a business is hit with when attacked. You must have seen the amount a business had to lose after the cyberattack and the amount made by the attackers doesn’t match- it’s because of the figure quoted by the company or victim is actually the total loss suffered. Let’s see the factors involved in money loss.
Data – data breach and encryption causes the victim to pay the ransom which still doesn’t guarantee that the data will be decrypted and ransomware recovery will take place.
Employee Training and Awareness Workshops – A large amount of money is then invested in the training programs, teaching their employees about security vulnerabilities, how to tackle them effectively and what measures to take in-case of a direct attack.
New Cybersecurity Plan – A hefty amount is loaded into the security plans and their implementation- buying and installing of updated cybersecurity software and applications, including hiring of cybersecurity professionals.
Slowed Business – Businesses get slowed down and come to an eventual halt, while the recovery from a ransomware attack is underway; resulting in loss of revenue, sales and profit.
Loss of incoming Business – you stop receiving more deals and business due to the trust and reputation that is damaged.
Recovery Cost – A large sum is invested in ransomware recovery and starting from scratch – even if you have had backups, once the system is affected by a ransomware, it needs to be installed and prepared from scratch.
All of the above mentioned aspects that are severely affected by a ransomware attack, add up to big numbers that we see in reports.
An example would set things clearer – in 2017, a software company by the name of Nuance Communications was attacked by a ransomware called NotPetya, which made the company lose around $92 million in revenue.
Reckitt Benckiser, a well-known company, also affected by NotPetya, was estimated to take the loss in profits of about $117 million. So the actual cost that businesses end up paying after a ransomware attacks them, is far larger than the ransom paid.