In a welcome break from the usual cybersecurity headaches, ransomware attacks seem to be leveling off.
But that doesn’t mean they’re going away.
In fact, statistics show that, although one vendor’s customers see about the same number of attacks as last year, it still equates to over 150,000 ransomware attack detections per week, worldwide.
Unfortunately, as attackers continue to expand their skills and impact, some organizations call cyberattacks “part of the cost of doing business.”
This doesn’t need to be the case.
With the right strategies, you can choose to make your business less vulnerable.
Those who accept these attacks as a “cost of doing business” may soon realize the costs are higher than expected – maybe even more than their business can withstand.
In fact, over the past few years, ransomware produced unfortunate firsts: the first ransomware attack to shut down a college, the first ransomware responsible for closing businesses, and even the first ransomware death.
While financial costs can be dealt with, the death of a single person or even the closing of a company is too high a price to pay – especially when many ransomware attacks can be avoided, or at least mitigated, through basic cybersecurity and monitoring.
A failed business, and a college closing its doors for good
Even before the strains of the pandemic, small businesses were financially crippled by ransomware.
In 2019 ransomware attacks led to the permanent closure of two smaller medical facilities: Wood Ranch Medical and the Brookside ENT & Hearing Center.
Then, in January of 2020, a ransomware attack closed a 300-employee telemarketing agency located in Sherwood, AR.
Now, with the additional pressures imposed by the pandemic, many companies simply can’t survive an attack – even 157-year-old institutions like Lincoln College.
Already suffering from pandemic-induced enrollment declines, Lincoln College’s financial struggles were compounded by a ransomware attack in September 2021.
Now, in the wake of the attack, the college informed the Illinois Department of Higher Education and Higher Learning Commission it will permanently close as of May 13th.
Death by ransomware?
In September 2020, a ransomware attack took down the admission and patient record systems for the Duesseldorf University Clinic in Germany, preventing the hospital from accessing the records needed to treat patients safely.
As a result, one patient in critical condition died in transit while being rerouted to another location.
Although authorities later determined the patient was in such poor health that the cyberattack made little difference, the case still drew headlines worldwide. Ultimately, prosecutors decided against pursuing the issue.
Yet, there’s an even more tragic event emerging as the first ransomware death.
Only last September, a lawsuit was filed alleging that a July 2019 ransomware attack is responsible for the death of an infant in a US hospital.
An eight-day struggle with a ransomware attack prevented proper access to patient health records, a wireless tracking system for locating medical staff, and equipment that monitored fetal heartbeats.
Without the proper medical devices and alert systems activated, the baby was born with the umbilical cord wrapped around the neck, leading to severe brain damage and eventual death.
Even later text messages from the attending physician conceded, “This was preventable.”
Regardless of the outcome of the case, it’s a heart-breaking situation that never should have occurred.
Estimating ransomware damages
Sure, many organizations do survive a ransomware attack, but often at high costs.
Think the ransom itself is the biggest expense? Well, it’s a reasonable assumption, but far from reality.
Experts estimate that ransoms tend to be a mere 15% of the recovery costs.
You see, in order to maintain their business models and generate revenue, ransomware gangs need ‘affordable’ ransoms. Otherwise, they stand no chance of receiving a payment.
So, on average, these criminals set the ransom between 0.7% and 5% of their victim’s annual revenue.
But the costs to recover IT systems, along with business losses and other expenses, tend to be much larger, averaging $1.4 million.
And, a recent survey found an astonishing 2/3 of the respondents suffered a ransomware infection in 2021.
OK, so maybe you can just pay the ransom and move on, right? It’s not that simple, either.
Actually, most companies can only recover 61% of their encrypted data, while only 4% of those companies paying ransoms recovered it all.
A rapid increase in numbers
Despite executive orders and more than 250 state bills proposed to improve cybersecurity, experts see very little change in corporate and municipal attitudes towards defense.
It’s an attitude that magnifies the situation, since organizations which do not take cybersecurity seriously contribute to the proliferation of gangs and attacks.
Though the FBI issued a $15 million reward for information about the Conti ransomware gang’s identity and location, it still wasn’t enough to stop the gang from attacking the country of Costa Rica.
The attack was so crippling, it even forced their government to declare a state of emergency.
Other notable ransomware victims this week include the $9 billion agricultural equipment manufacturer AGCO, and the beverage giant, Coca-Cola.
The number of first-time ransomware gang attacks also continues to increase rapidly, with this year seeing the arrival of:
- BlackCat Ransomware-as-a-Service (RaaS) – notable as the first ransomware programmed using the hard-to-detect programming language Rust
- Black Basta – a new group showing old capabilities, suggesting this is a new name for an old gang.
- Cuba – known for attacking Exchange vulnerabilities
- Quantum – notorious for attacks that last less than four hours
- Onyx – notorious for destroying files > 2 MB instead of encrypting them
- VHD – linked to the North Korean Lazarus group
Get the support and protection you need
Defending against a ransomware attack, like most everything in IT, is much easier said than done. However, organizations with strong security clearly suffer less damage and recover faster than the unprepared.
As you can see, the effects of ransomware go well beyond ‘the cost of doing business’.
It’s a cost that simply shouldn’t be left to chance.
Contact Blue Bastion at 412-349-6680, or fill out the form below, and our team of security experts will provide a no-obligation, simple-to-understand discussion about easy steps to prevent ransomware damage such as: cybersecurity monitoring, network vulnerability scans, penetration tests, firewall settings reviews, and more.