Ransomware is an ever-evolving attack tool used by cybercriminals to threaten organizations, institutions, and government agencies into paying them a ransom in exchange for the release of critical or sensitive information that’s often been encrypted by the threat actors.
As the attack that hit the city of New Orleans in mid-December demonstrates, ransomware is becoming increasingly sophisticated and complex, and the global financial impact of this particular type of malware is estimated to grow to $20 billion by the end of 2021.
The cost of the ransomware attack on the city of New Orleans was likely to be about $7 million, Chief Administrative Officer Gilbert Montaño told the New Orleans City Council in February. About $3 million of the cost went to restoring computers, removing malware, and paying IT staff overtime, while the other $4 million went to purchasing new security tools, replacing outdated equipment, and staffing a cybersecurity team.
In a troubling trend, the incident with the city of New Orleans was followed by similar cyberattacks on numerous other Louisiana entities, including an attack at Louisiana ITI College in Baton Rouge earlier this year, according to an article on NOLA.com.
“With the exponential growth we’ve seen in malicious cyberattacks over the last five years, there’s no reason to expect that it’s going to change,” Bryan Vorndran, special agent in charge of the FBI’s New Orleans Field Office, told the news agency.
Ransomware attacks on businesses and organizations in the New Orleans area and elsewhere are solely about financial gains. When these destructive cybersecurity issues occur, there are no good options for victims. The resulting pressure and need to return operations to normal without having to build from scratch can make you feel like you have no option at all but to pay the ransom. However, that is not necessarily the case, and making that decision can ultimately cost you more in the long run, as well as expose you to future threats.
Although it might seem like handing over a bitcoin ransom is the simplest and most cost-effective way to deal with a ransomware attack, evidence suggests otherwise. According to an analysis by researchers at Sophos, which was published in the State of Ransomware in 2020 report, the average cost of a ransomware attack for organizations that paid the ransom was nearly $1.4 million. For those who refused the ransom demands, the average cost was about half, or $732,000.
There are a few key factors behind these numbers. Even after paying handsome sums of six figures or more, victims may receive back only part of their information. In other cases, receiving the decryption key doesn’t fix the entire mess, leaving portions of the network still locked down. Your organization then incurs additional costs to restore the network to full working order. Meanwhile, threat actors, who are rarely traced, gain information about your organization’s security infrastructure and its vulnerabilities. That, along with the knowledge that you are willing to pay up, can make your business or agency the target for another attack in the future.
Another potential financial ramification for companies that pay the ransom is a negative perception about how the situation was handled. Chester Wisniewski, a principal research scientist at Sophos, told ZDNet it could “raise concerns with investors about your security and ability to protect regulated data if you have to disclose where that million dollars went.”
When it comes down to it, prevention is the best way to avoid having to decide whether to pay a ransom to an unknown criminal entity and fund its future attacks. The first step is ensuring your network is secure enough that you do not fall victim to a ransomware attack in the first place.
A professional IT management firm in New Orleans can help your organization with a myriad of simple measures, such as implementing two-factor authentication, applying patches, and ensuring employees aren’t using default passwords on your network. Our team at BIOS Technologies offers comprehensive security solutions that are tailored to your unique business needs to keep you safe from potential hacks and data breaches.