Paying a ransom pales in comparison to the actual damage costs involved with a ransomware attack, which include:
- Damage and destruction (or loss) of data
- Lost productivity
- Post-attack disruption to the normal course of business
- Forensic investigation
- Restoration and deletion of hostage data and systems
- Reputational harm
- Employee training in direct response to the attacks
Tallying it all up, Cybersecurity Ventures predicts ransomware damages will cost the world $5 billion in 2017 and climb to $11.5 billion in 2019. Those figures are up from just $325 million in 2015.
The rising costs are driven by an uptick in the frequency of attacks. Ransomware is projected to attack a business every 14 seconds by the end of 2019, up from every 40 seconds this year.
Some industries will be more targeted than others. Ransomware attacks on healthcare organizations are expected to quadruple by 2020. But that doesn’t necessarily mean they’ll pay more ransoms.
“We do not store Bitcoin for ransomware and do not make payments to recover data,” says Jim Routh, chief security officer at Hartford, Conn.-based Aetna, one of the nation's leading diversified healthcare benefits companies.
Saying no to ransom demands, backing up all data in the enterprise, training employees on how to detect and react to spear phishing emails (which is how 91 percent of cyber attacks originate), and more timely patching (software updates) are the best practices that many IT security leaders are following.
Companies buy Bitcoin in case of attack
However, battening down the hatches against hackers is easier said than done, and businesses are hardly devoid of Bitcoin, even though many experts argue for aligning with Routh's thinking.
CyberArk’s CEO Udi Mokady recently told CNBC Mad Money’s Jim Cramer that many companies who fall victim to ransomware are buying Bitcoin to pay off the hackers.
A disturbing trend is brewing in the U.K., where organizations are seemingly more likely to pay ransoms.
“About a third of mid-sized British companies report having Bitcoin on hand to respond to ransomware emergencies when other options can't be immediately exhausted,” says Gotham Sharma, managing director at Exeltek Consulting Group, a New York City-based consulting firm specializing in cybersecurity and digital privacy.
“Interestingly, the percentage of British companies who don't regularly back up data is also about a third,” adds Sharma.
John McAfee — his last name synonymous with antivirus software — has turned his attention to stockpiling cryptocurrency over the past year. The Chief Cybersecurity Visionary at MGT Capital Investments says many companies are storing Bitcoin in the event of a ransomware attack, but they won’t say so publicly.
Still, Cybersecurity Ventures' research indicates the overall number of businesses willing to pay a ransom is declining.
Seeing the potential for massive payouts, hackers have been innovating (new ransomware) furiously, according to a recent CSO article. That’s not likely to wane until the ransom payouts stop altogether.
Visit SteveOnCyber.com to read all of my blogs and articles covering cybersecurity.