The Cost of Ransomware Attacks

Decades ago, criminals needed to plan out bank robberies to access a large payout, but now, cybercrime is making it easy for criminals. Ransomware attacks increased exponentially in 2020. The start of 2021 shows no signs of slowing down. In this blog, we visit some of the biggest ransomware attacks over the last year and how much they cost. Then we recommend 5 ways to help protect your organization from a ransomware attack.

‍

Cyberattacks in 2021

‍

Earlier this year, the beermakers, Molson Coors, suffered a breach that resulted in a system outage. It affected multiple levels of their operations, delaying everything from production to delivery.

‍

Most recently, international technology conglomerate, Acer, fell victim to a cyberattack by the faction responsible for REvil ransomware. Acer’s 50 million dollars ransom far exceeds the previous record amount of 30 million dollars.  While it may be the first prominent attack of the new year, it definitely highlights a series of prominent occurrences that plagued 2020.

‍

Cyberattacks Around the World in 2020

‍

2020 has proven to be a good year for cybercriminals.  The same cannot be said for several prominent businesses and organizations worldwide.  It is considered the busiest in terms of cyberattacks.

‍

United Kingdom

‍

It is estimated that in 2020, hackers have profited to the tune of close to 48 million dollars in the UK alone. Sadly, many UK organizations do not practice security monitoring.  Reports suggest that roughly only 50% of UK businesses and charities actually practiced any cybersecurity measures.  Some of these relying on outdated anti-virus software.

‍

India

‍

Reports from India reveal that the country suffered 300 million ransomware incidences in 2020 alone.  This number represents an increase of 62% over 2019. It is believed that with the increase in the number of people working from home, cybercriminals developed and adopted cloud-based tools to take advantage of the potentially greater number of points of entry.

‍

United States

‍

In the United States, various establishments, including Universities and Municipal governments have paid out over 144 million dollars in ransom and recovery costs.  The cost of a security breach to an institution goes far beyond any amounts demanded as ransom.  Frequently, ransom, if any, is a fraction of the total cost of a security breach.

‍

Regaining control of as well as assessing and evaluating any compromised systems can be costly and time-consuming, which triggers the characteristic domino effect.  Data recovery, re-structuring, relaunching will all affect productivity and create delays that result in financial losses.  The outcome, if successful, will be costly regardless.

‍

Below is a listof five of the most expensive security breaches of 2020.

‍

The dollar amount listed is based on ransom and/or all recovery costs incurred.

‍

1. Redcar and ClevelandCouncil
UK county management services: $14 million

‍

2. Software AG
German software vendor: $20 million

‍

3. Cognizant
American Tech multinational: $50 million

‍

4. Sopra Steria
French Digital Consulting and Software development: $50 million

‍

5.  ISS World
Denmark conglomerate: $74 Million

‍

We’ve limited our list to only 5 of the many security breaches to have taken place in 2020.  The sheer dollar amount and the stature of the victims is a clear indication that any organization can fall victim.  The wisest thing any organization can do is to reduce the odds.

‍

5 Security Practices to Consider:

‍

1. Managed Detection and Response (MDR): MDR services take an active role in detecting advanced threats and proactively mitigating them before they compromise sensitive data assets or business operations.
2. Antivirus: This, the most basic of security tools will prevent and detect malware as it enters your system.
3. Disaster recovery: A plan for the recovery of as much data as possible in the least and most cost-effective manner.
4. Backup: It's crucial to maintain multiple secured copies of data.
5. Update: Ensure that your operating systems and software are updated.  Oftentimes, updates contain identified security issues and vulnerabilities.  

‍

How To Get Started

‍

Many of these practices can be implemented in-house, provided that management and resources are available. The IT infrastructure must be maintained and updated regularly. Understandably, budgets can be restricting. Small to mid-sized organizations with limited funds are not exempt from protecting themselves from ransomware attacks. They need to protect their data, and most importantly, their business.

‍

Sometimes, the best solution is to consult with business continuity experts, who can assess your needs, identify all the possible options available and finally recommend the best continuity solutions for your business.  They should be able to provide you with affordable, scalable solutions that include the 5 security practices mentioned earlier, as well as a host of other options that you may not even have considered.

‍

Schedule a free consultation with Assurance IT. We use the AIT EPR Methodology to assess your vulnerability and assess the best solutions to secure your organization. Schedule a consult here.

‍

__________________________________

Access The Untold Stories of IT Professionals.

Assurance IT launched IT Spotlight - a weekly newsletter putting the spotlight on IT professionals. Get the inside scoop on their careers, their predictions in the industry and more. Once a week, every week, find out what other IT professionals are up to. Learn more here.

‍