There is bad news from cybersecurity analysts, who have spotted a rise both in ransomware incidents and in the amounts cybercriminals are demanding from businesses to restore their data. Ransomware isn't about to go away. However, people fail to see the additional ways victims are paying for these attacks. In other words, there is more bad news: ransomware attacks in 2021 are expected to cost in excess of $20 billion in damages.

The average ransomware payment peaked at $230 thousand, while over a quarter of victims pay the ransom. These are the latest figures from our threat report from September 2020. But this doesn't give you the whole picture. To do that, a further study was conducted to tally and quantify the collateral damage from the rise in extortion amounts and incident occurrences.

The Hidden Costs of Ransomware are those items that inflate the cost of an attack, which we'll look at more closely below.

Lost productivity

The hours of productivity lost to a ransomware attack all add up to lost money. According to our survey data, lost productivity is closely related to the length of time it takes to discover the attack. In other words, the faster the attack is detected, the more the spread of the infection is limited and the less time is spent on remediation. The further ransomware ingrains itself in your systems, the longer it takes to weed out.

Meanwhile, almost 50% of respondents were unaware they had an infection in the system for over 24 hours after first being infected.

So, to figure out the dollar value of remediation, we first need to understand the length of time it takes to rectify the system after an incident.

  • 33% were reportedly remediated in 1-3 hours
  • 17% required 3-5 days

Webroot determined low/high-cost estimates for hours of remediation reported by survey respondents, factoring in the varying costs of IT resources.

The cost of remediation (low/high estimate) for these groups:

  • 33% – $300/$750 for three hours
  • 17% – $4,000/$10,000 for 5 days

(A full breakdown is available in the report.)

Downtime costs

Irrespective of whether an organisation pays a ransom or not, how long does it take to return to normal operation after an incident?

Businesses that don't pay the ransom end up recovering their data faster than those that do. In fact, 70% of them were able to recover their data within a business day, compared to 46% of those that paid the ransom demand, according to the study.

This could be due to:

  • whether a target had available backups
  • lost time due to back and forth with extortionists
  • time spent making a payment.

To determine how much downtime costs, look at the specific value of the data that has become unavailable. Is it critical to conducting business operations? Determining the value of data lets a business rank it from non-critical data and applications to mission-critical data. This helps businesses formulate their recovery time objectives (RTOs). For instance, for mission-critical data, a 24-hour recovery may exceed the tolerable limit of the RTO and drive up the cost of downtime, in some cases higher than the ransom itself.

Impact on client operations

The survey shows that 46% of the businesses taking part reported that client operations were also negatively affected by a ransomware incident at their own company. Most importantly, this could result in the fracture of business relationships that take time to build, and in the loss of anticipated revenue.

However, that's not even the riskiest aspect of client operations being affected.

What came into sharp focus last year after the SolarWinds attack was the implications of supply chain attacks. To clarify, a cybercriminal compromised a trusted supplier to distribute ransomware. The costs can be enormous, as everyone in the supply chain is affected.

Brand and reputational damage

These days, ransomware attacks against high-profile targets are always hitting the news headlines and getting TV and media airtime. While your organisation may not be one of those high-profile targets, its reputation and staying power may not survive an attack, according to the study. That is to say, 38% of the businesses surveyed admitted their brand was harmed by a run-in with ransomware, for instance through lost customers and publicity issues. As a result, businesses could be forced into damage control and have to enlist the services of expensive PR or communications firms to help repair some of the damage.

But businesses must do the damage control, or they risk their survival. A business that meets a ransomware attack affecting its customers with no response or silence comes across as callous, uncaring and unaccountable. In other words, customers are put off.

Cybersecurity incidents can therefore have significant consequences in the form of reputational damage. Most importantly, customers are less likely to stay with a business out of loyalty. For example, in the study, 61% of customers went to a competing brand in the last year, while 77% say they will change their loyalty more quickly now than in the past.

The list goes on…

This list of the four hidden costs of ransomware is by no means exhaustive. Add to these costs fines for breaches of compliance regulation, cybersecurity insurance and several other unexpected expenses.

For all the details download the full report.
