Costs of a Ransomware Attack
A ransomware attack disrupts more than just computers; it can disrupt the livelihood of workers and businesses alike. The hidden costs and consequences piled on top of the disruption after the initial attack adds up fast. Moreover, a ransomware attack can happen more than once to a single company, meaning costs can balloon out of control quickly.
The extent of the damage is not always limited to the ransom demand. Additional costs can also include:
- Hiring consultants to perform internal review and forensics of affected computer systems
- Employee retraining after the attack
- Lost productivity
- Destroyed or lost data
- Compromised customer data
- Lowered customer confidence
- Damage to a business’s reputation
- Disruption to the business post-attack
Some ransomware attacks can be very expensive, costing millions of dollars in damages, which makes avoiding such attacks a critical issue for businesses to tackle.
Time and Productivity Loss
The loss of productivity is an important factor for businesses. An infected computer needs to be reimaged, user data needs to be restored from a backup, patches need to be reapplied and unique software needs to be reinstalled. For an average computer it can take more than 6 hours to recover it back to the way it was before a ransomware attack. During this time the user may have limited ability to do his normal work.
Targeting Sensitive Data
Hackers commonly target sensitive and business-critical data, as companies are more willing to hand over money than risk important data being unusable for day-to-day operations. For example, in January 2018, a hospital in Indiana handed over 4 bitcoins, worth $55,000 at the time, to receive decryption keys to recover their data from the ransomware attackers. While the hospital had been prepared with backups, their CEO decided it was not worth the hidden costs of restoring the backups to continue operation of the hospital. Even with redundancies, a well-prepared business can still incur costs when they are attacked by ransomware.
The Economics of Ransomware
Hackers often attack multiple computer systems to spread their malware to as many computers as possible. However, the ransom demanded, is usually in untraceable cryptocurrency such as bitcoin, and is often priced such that it is desirable for the victim to pay up rather than bear the entire cost of lost data. This business model makes it attractive for many illegal hackers to enter the ransomware market, causing some to estimate that by the end of 2019 we will see a ransomware attack every 14 seconds. Moreover, reports suggest that ransomware damages have cost the world $5 billion in 2017, with the trend indicating that damages will continue to increase, with costs projected to hit $11.5 billion by 2019.