Ransomware: Under Half Of Companies That Pay Ransom Recover Data

Ransomware targeting agriculture and food businesses

Written by: Jay H.

Ransomware is every organization’s worst nightmare. A new study from Telus unveils how ransomware is impacting Canadian businesses and how firms can protect themselves from this ever-evolving threat.

The survey included 463 responses from key decision-makers in Canadian businesses. While the study encompassed all industry verticals, there was a particular focus on eight sectors: financial services, municipal government, education, health, agriculture, oil and gas, retail, and utilities.

Ransomware growing as a threat

Ransomware is emerging as one of the biggest threats for Canadian organizations, especially over these past couple of years. Why is ransomware so rampant? Well, the emergence of COVID-19 forced many businesses to quickly transition into remote (at-home) environments. This left many organizations “adopting first and securing later”, resulting in increased vulnerabilities and cyber risk.

Also, more and more businesses are adopting digital technology, increasing their attack surface with more endpoints and blind spots.

Moreover, ransomware is a very low-risk and profitable endeavour for threat actors who can easily and quickly use ransomware-as-a-service products. And with businesses unwilling to endure costly downtimes, they are often willing to pay the ransom for the (oftentimes false) promise that threat actors will restore their data.

Organizations not getting what they paid for

Eighty-three percent of Canadian organizations reported attempted ransomware attacks, and 67 percent experienced a ransomware incident. Of those impacted, 44 percent paid the ransomware – and shockingly, only 42 percent had their data fully restored! Hackers are increasingly not keeping their word and restoring business data like they promise to, and many firms are finding themselves out of their data and their money.

Unfortunately, for many firms, the ransomware attack did not end after the ransom payment. 15 percent of Canadian organizations who suffered from a ransomware attack experienced the same ransomware after recovery! This could be because hackers know these organizations are willing to pay, or because they still have access to their network and can easily strike again.

The cost of ransomware

Businesses that want to negotiate with hackers are going to have to cough up a hefty payment. The average ransom paid by Canadian organizations is $140,000 per attack, with this number significantly increasing for major organizations.

On average, ransom payment will cost organizations $140,000.

Image: Telus

However, organizations impacted know that the real cost of ransomware goes beyond the ransom payment.

“According to survey respondents, the costs associated with downtime account for an average of 16% of the total direct cost of the incident,” explained the authors. “This is much worse for industries like Financial Services, where downtime accounts for an average 22% of the direct costs incurred.”

In addition to downtime costs, attack mitigation and recovery also added significant costs. On average, mitigation costs accounted for 16 percent of direct costs firms incurred.

Beyond ransom payment, the other costly impacts of an incident included ransom paid, downtime, attack mitigation and recovery, labour cost, value of unrecoverable data, revenue loss, regulatory fines, and other costs.

Image: Telus

In addition to these monetary costs, the effects of a ransomware attack on customer trust and brand reputation are difficult to quantify, but they can be enormous. In fact, some reports estimate that 60 percent of small companies go out of business within six months of falling victim to a data breach or cyber attack. Clearly, it’s time for organizations to get their head out of the sand and start taking cyber security seriously now.

Protecting your business

Your organization needs to take a proactive approach to ransomware and develop a multilayered ransomware defence strategy. Telus provided several recommendations for fortifying your ransomware defence:

  • Implement a formal vulnerability management program to discover and remediate gaps and vulnerabilities in your organization’s security.
  • Review your incident response plan at least once a year and update it as necessary.
  • Leverage ransomware defence controls, including:
    • Strong email filtering to defend against phishing attacks.
    • Endpoint protection for every endpoint on your network.
    • 24 x 7 monitoring and response so that swift, automatic responses are taken when threats are detected.
    • Routine security awareness training so your users know the role they play in keeping themselves and your firm safe.
    • Threat intelligence monitoring to increase your visibility into the threat landscape and discover sensitive data threat actors may use to compromise your systems.
    • Multi-factor authentication wherever possible to have strong, unique credentials for every account.

The best way to protect your organization from ransomware is to work alongside a managed IT service provider such as Design2Web IT to implement the above recommendations and more. Our comprehensive IT services ensure your firm is secure from ransomware, viruses, hackers, and other threats. In addition, we help ensure your employees are safe from the effects of phishing, social engineering and other cyber attacks. For more information on how we can keep your organization safe and secure, please contact us today.

Protected by Copyscape

Comments are closed.