Ransomware Costs May Surprise You

Did you know that the United States is the leader in ransomware payments? According to a survey from Mimecast titled “The State of Ransomware Readiness,” the U.S. has the highest average payment for ransomware out of the entire world at more than $6 million per victim. These shocking numbers likely stem from high-profile ransomware attacks, but they are also indicative of a larger problem, that being people who still pay the ransom.

This study examined 742 cybersecurity professionals and found that 80 percent of them had become victims of ransomware attacks over the past two years. Of that 80 percent, 39 percent paid the ransom, with the average United States victim paying $6,312,190. To put that into context, let’s take a look at other parts of the world.

• Canada: $5,347,508
• United Kingdom: $850,000
• South Africa, Australia, Germany: $250,000

That’s for those who actually paid up, though. Close to 40 percent of victims did not pay the ransomware at all, and some were even able to negotiate a lower ransom. That said, the survey also cites that the primary instigation of these ransomware attacks were phishing attacks and web-based threats, and many victims believed that they needed to improve the security of their data centers.

Perhaps the best tool against ransomware attacks is to have a data backup system in place, but again, the survey claims that less than half of respondents had data backup systems in place. Even with this fact, 83 percent of respondents claim they can get their data back without paying the ransom, and 77 percent believe that they can get their operations back to normal within two days.

If your company were to suffer a ransomware attack, we urge you to think before taking any action to resolve it. First of all, what if you’re not actually infected and just making things worse for yourself by paying up? Second of all, what guarantees do you have that your data will be safe and unencrypted should you decide to pay the ransom? And third, how many other businesses or individuals are going to suffer because you just funded the activities of a cybercriminal? All of these factors influence how successful a ransomware attack is.

One thing you absolutely should do is contact your trusted IT resource to determine the extent of the attack. After this has been determined, you should have an easier time figuring out how to address your predicament. Still, we never recommend you pay the ransom. There are often other options to pursue; you just have to have the gumption to look past the immediate panic and focus on the big picture. Plus, you can also implement security solutions and measures that can deter ransomware later on, like multi-factor authentication, user permissions, and unified threat management.

Don’t let ransomware hold your business back from achieving its full potential. To learn more about how you can secure your company’s future, reach out to us at 708-781-7110.