In 2021, Ransomware Attacks cost businesses an estimated $11.5 billion. But that’s just the beginning of the story. What about all the other consequences of ransomware attacks? How do they affect businesses? In this blog post, we’ll take a look at some of the most important ransomware facts and statistics for 2021. We’ll also discuss what businesses can do to protect themselves from these devastating attacks.
Ransomware is a type of malware that encrypts a victim’s files and demands a ransom payment in order to decrypt them. Ransomware attacks can be incredibly damaging to businesses, often leading to lost revenue, downtime, and data loss. Ransomware infected emails are generally veiled with other important emails. Thus, you invariably end up clicking on the spam link, and malware gets entry to your computer system. These attacks can happen both at an individual level or on a larger scale mainly targeting the big corporates.
Ransomware Attacks are one of the biggest cyber attacks today, gradually increasing year by year. Businesses are still in vulnerable positions, whereby Ransomware Attacks can still easily target them and have the potential to cause irreversible damage. Forbes Insights found a ransomware fact that stated 46% of organisations suffered damage to their reputations and brand value as a result of cybersecurity breaches in 2021. Damages mainly revolve around these key areas:
Businesses lose an average of $140,000 per ransomware attack due to data loss, downtime, and recovery costs. Data loss can cause a business to be down for 10 days or longer, meaning factors such as product sales and business productivity are affected.
The businesses who experience ransomware attacks and who pay ransom for their data back, only receive around 60% of their data back and therefore loose around 35% of their data, which they never get back. This is a hugely common repeated mistake that businesses keep making as this is a short term fixture, meaning its likely for your business to experience a second ransomware attack from the same hacker group.
Instead of paying huge sums of money for ransom payments, businesses should invest in cyber security services and structures that will benefit their business long term instead of paying huge sums of money for ransoms after every successful attack. The average ransom payment has increased massively from 2020 to 2021.
Ransomware attacks can cause significant downtime for businesses. Which can have a major impact on revenue, as businesses are unable to function for the full time of these days.
The average cost of downtime caused by a ransomware attack is $53,000 per hour.
This downtime can be hugely costly for businesses as this is time that the business is not operational and therefore not making any money. The average downtime costs are rapidly increasing each and every year.
Recovering from a ransomware attack is generally 10 times the size of the ransom payment. This means the recovery is the worst part of the attack.
Businesses also risk damaging their reputation and because of this, loose clients and customers loyalty, leaving them in a position where they have to regain their customer base.
Ransomware Attacks often come back on the business for their lack of security. Rather than a sense of understanding, businesses experience more criticism for their lack of security and safety, which can impact their clients and customers.
These are a few factors that have significantly impacted Ransomware over the years.
It’s no surprise to anyone that the pandemic changed a-lot for businesses. Ransomware was and still remains one of the biggest threats to businesses and this has significantly increased since the pandemic.
Remote working caused a huge impact on businesses and their security. Due to not having the IT support daily in the office environment, employees were individual from home. This caused a pressure behind the screens experiencing a whole new way of working.
New networks were discovered and used more frequently such as Zoom. But unfortunately new/popular platforms become primary targets due to the huge use from the public. Networks such as Zoom, Microsoft teams and online messaging platforms were key targets for hackers.
On May 7, 2021, America’s largest “refined products” pipeline went offline after a hacking group called Darkside infiltrated it with ransomware. Colonial Pipeline covers over 5,500 miles and transports more than 100 million gallons of fuel dailyThe colonial pipeline attack was a huge attack during the pandemic that impacted the whole of the oil and fuel industry across the whole of the US.
The operation recovered 64 of the 75 bitcoin that Colonial Pipeline paid. At the time of the recovery, the 64 bitcoin were worth approximately $2.4 million.
On June 7, 2021, the DOJ announced it had recovered part of the ransom. US law enforcement officials were able to track the payment and take back $2.3 million using a private key for a cryptocurrency wallet.
On May 31, 2021, JBS USA, one of the largest meat suppliers in the US, disclosed a hack that caused it to temporarily halt operations at its five largest US-based plants.
JBS, which spends more than $200m (£141m) on IT and employs more than 850 tech specialists, said the FBI described the cybercriminal group that carried out the attack as “one of the most specialised and sophisticated” in the world.
WannaCry is a ransomware attack that hit over 230,000 computers in more than 150 countries. The WannaCry attack was one of the biggest ransomware attacks in history. The attack caused billions of dollars in damage and impacted some of the world’s biggest companies.
In May 2017, a global ransomware attack known as WannaCry spread rapidly across the globe. Fortunately, a security researcher discovered a kill switch that stopped the spread of the malware. However, the WannaCry attack was a wake-up call for businesses and showed how vulnerable they are to cyberattacks.
Since the WannaCry attack, there have been many other ransomware attacks that have caused significant damage.
Ransomware doesn’t discriminate. All industries can be targeted by ransomware attacks, some more primary than others, but businesses of all sectors and sizes can be victims. These a few listed statistics to show the impact of ransomware attacks to each industry.
Below is a list of the most deadliest ransomware gangs and their main attacks.
The FBI has linked the Conti ransomware group to over 400 cyber attacks on organisations around the globe. In addition to being one of the most ambitious ransomware gangs, Conti is also the most trustworthy and unreliable of all. Attackers from this group usually send a phishing email originating from an address that the victim trusts.
(Known now as Sodinokibi)
REvil first emerged in April 2019 and has since then been behind some of the biggest ransomware attacks. The group is believed to be from Russia and uses sophisticated tools to target big businesses. One of their most notable attacks was on Travelex, a foreign currency exchange company along with the JBS attack and computer manufacturer, Acer.
DarkSide is a ransomware gang that operates as a Ransomware-as-a-Service (RaaS) operation that sells its services to affiliate malware gangs on the dark web. Darkside conducted one of the most damaging ransomware attacks in recent history on May 9, 2021, targeting Colonial Pipeline, shutting down 6,000 miles of pipeline which resulted in widespread shortages. DarkSide is a relatively new ransomware gang on the scene.
The Clop ransomware group has been active since at least mid-2019 and is notable for its use of a sophisticated modular ransomware framework called REvil. The group has carried out attacks against high-profile targets such as Airbus, Energias de Portugal, and Nissan. The group appears to be based in Russia and uses both phishing and ransomware attacks. Clop ransomware group is responsible for the attacks on companies like the jet manufacturer Bombardier, residential mortgage servicer Flagstar Bank, security firm Qualys and the Universities of Miami and Colorado.
Another one of the dangerous ransomware gangs haunting organisations worldwide is Netwalker. The gang has brought in more than $30 million in ransoms since their appearance. Having been responsible for crippling several hospitals, schools and government agencies throughout the world.
Some of the most notable victims of the Netwalker ransomware include the Crozer-Keystone Health System, the Australian transport company Toll Group and California University’s COVID research sector.
Ensuring you take the necessary steps to protect your business from ransomware threats and risks is vital. Below are a few effective ways to prevent ransomware attacks from impacting your business or employees.
Educating your employees and training them to spot ransomware attacks is the most important step to preventing ransomware attacks, ensuring staff understand the importance of cyber security will secure your workplace further from attacks.
Avoid clicking any links sent in texts, emails or even instructed over the phone. A ransomware fact states that Phishing emails are involved in 70% of data breaches, showing how common they are in workplaces, this is why it’s vital to be able to spot them.
Implementing a system such as password managers can massively help reduce the risks of cyber attacks, encouraging your employees to create more complex passwords to avoid the risk of hackers guessing staff passwords.
Firewalls and antivirus stop any malicious content or software from entering your systems, it’s important to have these in place as an extra layer of protection.
Backing up all important data and files is vital to avoid the devastating effects of ransomware, if all else fails you can restore your system without having to pay a ransom.
Working with cyber security experts is the most effective way to protect your business from ransomware, they will be able to provide you with the latest methods of protection as well as being on hand to help if an attack does happen.
A: It is not advisable to pay the ransom as this could encourage the attacker and does not guarantee that you will get your data back.
A: The amount of ransom demanded varies depending on the type of attack, the size of the organization and the amount of data encrypted.
A: Healthcare, Education, and Government sectors were hit the most by ransomware attacks in 2020.
A: The best way to prevent a ransomware attack is by working with cyber security experts who can provide you with the latest methods of protection to fully secure your business against ransomware attacks.
Ransomware is a serious threat to businesses and organisations worldwide, with attacks becoming more common and destructive. Ransomware is not going away any time soon. Ransomware attacks are increasing year by year constantly evolving with new techniques and new technology targeting businesses in as many industries as possible. To secure your business from Ransomware Attacks, enquire below.