It has shut down cities, strategic installations, hospitals, and businesses. The impact and frequency of ransomware attacks are on the rise, and organizations of all sizes are scrambling to deal with new ransomware threats constantly emerging.
In most cases of ransomware, the victimized company will be extorted in order to prevent any long-term damage without any guarantees that their payment will solve the issue for good. After all, criminals are notoriously unreliable negotiating partners.
Beyond that, cybercriminals are also getting more and more brazen. The advent of decentralized currencies like Bitcoin have allowed them to demand higher sums without fear of the payment being traced. Also, with every successful ransomware attack, criminals are emboldened to continue increasing their demands.
The advent of AI has been a huge asset to companies trying to defend themselves from cybercriminals. Advanced learning allows systems to be alerted of threats when there is still time to defend against them. That being said, however, experts warn that the same AI and advanced learning can be leveraged by criminals to make their attacks much more devastating. All this adds up to a frightening picture of what the future holds.
In this post, we’ll examine the rising costs of ransomware into 2020 and discuss countermeasures to protect against the threat.
Increasing Demands
As criminals become emboldened by success, they can begin to demand higher ransoms. By the end of 2019, the average ransomware payment was $84,116 — which was an increase of 104% since Q3, when the average payment was only $41,198. This sharp increase is mostly a result of ransomware variants like Ryuk and Sodinokibi beginning to exclusively target high-level enterprise targets with the ability to pay higher sums.
Consequently, a favorite target of cybercriminals are government networks with seemingly unlimited budgets. For example, a Ryuk attack on Lake City, FL, in June resulted in a $460,000 ransom being paid and not even all the data was recovered. Another famous attack on the IT infrastructure of Baltimore, MD demanded a ransom of 13 Bitcoin (approximately $76,280).
In an Emisoft study, it was estimated that the total cost of ransomware in the United States in 2019 exceeded 7.5 billion dollars.
Peripheral Costs
In addition to the payment of the ransom itself, there are a variety of costs that inevitably go hand-in-hand with a ransomware attack.
For starters, there is damage to the victim’s brand. Especially if the victimized company needs to command consumer trust, like a software or security firm, the fact that it was subjected to a malicious ransom attack and forced to capitulate can cause clients to lose faith. Then there are repair costs associated with being victimized, such as hardware replacement.
Additionally, there is the sheer time wastage caused by being locked out of your data. Processes that were automatized need to be done manually and records are completely inaccessible. For example, in the Baltimore attack we mentioned above, the infection and system lockout took place on May 7th, but the systems weren’t restored until May 20th! That’s almost two weeks in which a fully-fledged city government had no access to its records or automated processes. Among other things, this caused the real estate market in Baltimore to tumble due to the inability to process property transactions.
Despite the Baltimore attacker only demanding roughly $76,280, the total cost of the attack to the city of Baltimore was estimated at over $18 million due to the damage it caused vaccine production, ATMs, hospitals, and airports.
Similarly, the Atlanta city government spent over $17 million recovering from a virus attack that demanded only about $52,000 worth of Bitcoin.
Preventative Measures
There are a variety of measures an organization can take to help ensure its safety from ransomware.
The first step to addressing the problem of ransomware is being aware of its severity. If this sounds obvious, it isn’t. According to an October 2019 report from the State Auditor of Mississippi, there is a “disregard for cybersecurity in state government.” Research from the University of Maryland similarly concluded: “that most American local governments do a poor job practicing cybersecurity.”
This lack of awareness in addition to the attractive budget of government offices leaves government IT systems woefully unprepared and vulnerable to ransomware attacks which end up costing millions to the taxpayers. Large organizations, especially government offices, need to take the threat of ransomware extremely seriously.
Investing in a DLP (Data Loss Prevention) service is emerging as a “must-have” for any organization with data that is critical to its functioning.
CenturyLink’s Beyond DLP™️ Solution
The financial implications of smarter ransomware attacks are clear. This increase in the amounts demanded by malicious actors should worry organizations of all sizes and industries. Worse, the direct financial costs aren’t the only implications. The indirect and opportunity costs related to a successful ransomware attack are also on the rise.
CenturyLink’s Beyond DLP™️ is a leading Data Loss Prevention (DLP) solution used by organizations to protect against ransomware and its devastating effects. It solves this challenge using a fully automated solution and without affecting employee productivity. CenturyLink’s team of cybersecurity architects, experienced hackers, industry leaders, and experienced software developers ensure that your organization is secure against ransomware attacks.
To see for yourself, schedule a demo.
