The Unexpected Costs Of Suffering A Ransomware Attack
Posted by kevinhess. Last updated 25th June 2021.
It’s bad enough for victims of a ransomware attack to be compelled to pay their attackers for the privilege of getting their files back. But coping with a ransomware attack involves more than just paying a ransom.
First, How Much Can You Pay?
It is important to consider what the ransom cost might be in such a situation. Unfortunately, the short answer is that there is no short answer.
The attacker is likely to demand as much as (or more than) your company would be able to pay. A very good attacker may have already compromised your financial information and thus would have a good idea of what they could reasonably extort from you. It would be particularly nerve-wracking to hear such an attacker ‘helpfully remind you’ of company bank accounts which could conceivably be drawn from in order to pay a ransom.
If the attackers have not compromised your financial information after all, they will still probably ask for a sum of money relative to how big they perceive your business to be. If your business is the largest organic dog food manufacturer in the country, for example, your attackers will probably have heard about it. Expect a large demand in such a situation.
Of course, even if they misjudge your financial situation and merely demand a fraction of what you would be ‘willing’ to pay, it’s more than you rightfully should pay—which is zero.
Is Your Business ‘Under The Radar’? Probably Not
Obviously, larger businesses are bigger targets. But as the saying goes, ‘a bird in the hand is worth two in the bush’.
Smaller companies, while not as rich a target as major corporations, are often more enticing targets to hackers overall. This is because small businesses are generally not protected as securely as major institutions, and are often willing to seek an ad hoc compromise when threatened.
Furthermore, the more badly compromised your system is, the more they’ll know about you—and your vendors and clients. If you are a victim today, your suppliers may be a victim tomorrow.
The ransom sum is one expense of suffering such an attack, and by no means is it a trivial one.
However, as with any other crime, there remains considerably more collateral damage that must be swept up besides the actual monetary loss in paying ransom.
First, ransomware attacks involve compromising the victim’s systems for an indefinite period of time, in order to pressure the victim into paying quickly. Imagine shutting most of your business down—unexpectedly—for 3, or 5, or 7 or more days at a moment’s notice.
Could your business survive a surprise 7-day pause in operations? Not all businesses can afford to take an unexpected week off while vendors await payment and customers stew over delayed orders.
Haste Makes Waste
In the event that your company suffers a ransomware attack, you might think that a near-total business shutdown would at least enable you to give your full, undivided attention to solving the problem.
However, this isn’t at all the case.
Your customers are going to be knocking on the door, probably (and hopefully) unaware of the security breach.
If you’re not making it to client meetings or responding to emails, you’re not meeting their expectations.
Furthermore, any experts you contact on an ad-hoc basis are going to come at premium pricing.
If your IT support team has to work weekends or overtime, that’s going to cost you a lot. An IT contractor might be ready to start work tomorrow on your problem, but the costs will add up fast. You may even have to hire a ransomware negotiator to recover your data (yes, they exist).
Finally, your customers are going to be worried—rightfully so—about the security of the data they’ve entrusted your company with.
Whether your company holds simple information such as shipping addresses or company contacts, or sensitive material such as stored payment info or account passwords, customers are going to be uneasy about dealing with a company that effectively lost their personal data.
Let’s face it—even though the responsibility for the act lies with the hacker, customers nonetheless expect companies they do business with to protect themselves.
If customers aren’t comfortable giving you the information your company needs to do business with them, they just might not do business with you at all.
Prevention—And Mitigation—Are The Best Cures
According to data security industry leader Kaspersky, over half of ransomware victims pay their attackers in the end. Those who don’t often find their data for sale on the Dark Web, or scattered all over the internet as a warning for future victims.
A comprehensive security solution involves both prevention and mitigation measures.
Preventative measures keep threats from ever getting onto your network in the first place. These include measures such as antivirus protection and spam filtering, which intercept threats before they ever land on your system.
Endpoint Detection and Response (EDR) measures are mitigation protocols which contain and control damage once a threat has breached the system, and can automatically remediate many types of attack even before anyone notices something is wrong.
When it comes to information security for your business, it’s better to be safe than sorry. Protecting your system from both outside and inside is a complete and comprehensive solution to the growing problem of ransomware attacks.