Ransomware rarely escapes the news headlines. Accenture, an IT consultancy firm, was recently hit by LockBit’s ransomware gang. This attack occurred just days after Gigabyte, a Taiwan-based laptop manufacturer, suffered an apparent ransomware attack. The hackers then leaked gigabytes confidential Intel and AMD data.
Ransomware, which rose in activity during the pandemic, remains one of the most expensive to companies. Large U.S. businesses lose an average $5.66m each year to ransomware.
While we often hear of multimillion-dollar ransom payments made by hackers, research from Proofpoint and the Ponemon Institute found that ransom payments typically account for less than 20% of the total cost of a ransomware attack. Ransom payments account for only $790,000. Research shows that businesses are most affected by lost productivity, as well as the tedious task of dealing with ransomware attacks.
According to Proofpoint, the process of remediation for an average-sized company takes 32,258 hour, which is more than twice the amount of the ransomware attack’s root causes. For example, phishing attacks were found as the cause of nearly one-fifth ransomware-related attacks in 2017. This has resulted in productivity loss of $3.2million in 2021, compared with $1.8 million in 2015.
Andrew Rose, Proofpoint, told TechCrunch that in the aftermath of ransomware attacks, communication and interaction among employees and affected external parties needs to increase dramatically. This will force many teams to immediately stop all work and concentrate on this urgent matter for days, weeks, or even months.
They are subject to increased scrutiny by regulators, customers and must rely more on third parties. Customers and regulators may increase their workloads. Rose said that customers may also be subject to regulatory fines or lawsuits in class actions.
These aren’t the only financial issues that businesses must deal with. Organizations affected by ransomware will likely face increased cyber insurance costs and high IT expenses. They also may have to pay for external experts, PR staff and legal personnel. Cybereason’s recent research shows that ransomware attacks can also have a negative impact on a company’s brand.
Rose says that there are also potential share prices to drop for public companies. Customers can lose faith in businesses if they learn that their data could be at risk. This may lead to customers leaving the company and moving to another competitor.
Publiated at Wed 18 August 2021, 15:39:43 (+0000).