Why Ransomware Should be on Your Radar - And in Your Security Budget

Seth Ryan
January 2, 2024
January 2, 2024
Share on

Why Ransomware Should be on Your Radar - And in Your Security Budget

Ransomware threats are here to stay. Once a side character in the cybersecurity game, ransomware is now one of the top Action varieties in recent data breaches according to the 2023 Verizon Data Breach Investigations Report. And with new approaches emerging like double extortion, phishing strategies, and ransomware as a service (RaaS), businesses are unintentionally revealing more vulnerabilities to cyber criminals, making it easier for them to enter your operating system.

So what is ransomware, how much will it cost you, and what do you need to consider as you prepare your security team’s budget for next year?

First, let’s define our terms.

Ransomware is a type of malware. Which brings us to our first question – what is malware? Malware is software meant to damage or disrupt a computer system. In the case of ransomware, malware holds critical systems and sensitive information hostage until a ransom fee has been paid. Malware can enter your software designed as email attachments, within apps, as search engine notifications, through wifi and more. Taking extra internet and email security measures will help avoid these types of ransomware infections.

Now, what will it cost you?

First, there are the fees – which are growing. In 2018, for example, the average ransom was $5,000. Just two years later, that average increased to $200,000 (National Security Institute).

What about the highest fees? An insurance company in 2021 had to fork over a whopping $40 million, according to Business Insider. And they aren’t slowing down: Cyber Ventures predicts that ransomware attacks will cost organizations $265 billion by 2031.

There are other costs to consider, too, like the brand damage and loss of customer confidence that can come with a major breach. Couple that with the fact that experts anticipate ransomware attacks to occur every two seconds by 2031 (Cyber Ventures)  – and you’ve got an even bigger cost center hanging over your company’s head.

Factors to consider when planning for ransomware protection.

Do people rely on your services?

As of 2021, the average downtime associated with ransomware attacks was 22 days (Statista). Downtime in any industry is costly – but for critical infrastructure services, it also means a major interruption to daily life for your customers. Additionally, as the supply chain becomes a more popular target, you’ll need to consider the relative strength or weakness of every link – third parties included.

Where you’ve seen it already: In May 2021, a single stolen password from Colonial Pipeline triggered a fuel shortage across the U.S. Southeast. A month later, seven of the company’s finance systems were still down.

Does your business model depend on exclusive content?

Ransomware focuses on withholding valuable information until a fee has been paid. If your business is content – that means the very novelty of your primary product is also at stake.

Where you’ve seen it already: Video game developer CD Projekt Red suffered a ransomware attack in 2021, leading to the leak of data related to its games – including an unreleased version of Witcher 3.

With the historical precedent of large fees, can you withstand multiple attacks?

You might be thinking that in the event of a ransomware attack, particularly one that demands an enormous fee, you’ll just refuse to pay. On top of the potential damages, we’ve already discussed – be prepared for additional fees that might come next.

Where you’ve seen it already: Taiwanese hardware supplier Acer refused to pay a $50M ransom in March 2021, and by October, they had faced a second attack on a local system in India.

Have you set up the right security sources to prevent ransomware?

While safety is not always guaranteed, there are ways to set your business up for basic protection from ransomware with some additional security tools. Implementing a firewall is a great way to start, as this monitors and controls all ingoing and outgoing network traffic from your site based on security policies you set up. This also blocks malicious software from accessing your computer through network segmentation.

Setting up antivirus on your computer is also a way to help protect yourself and your business. This software is designed to detect and destroy any viruses trying to enter your system.

Lastly, activating multi-factor authentication (MFA) on your system can decrease the chances of ransomware, as a hacker would need additional authentication to get into your system even if they have gained credentialed information.

Do you have an incident response plan?

Ransomware can happen to any company at any time. Having a plan for how to handle these attacks will help your company move quickly, with recovery and restoration measures in place to recover your information as fast as possible. Implementing awareness training for employees is the first step. Discuss what cyber threats are, how to recognize phishing emails, and encourage them to download anti-malware software on their computers and mobile devices. Walk through different scenarios and discuss real-time security solutions that can stop ransomware from happening.

Is ransomware prevention in your security team’s budget yet?

As the past few years have shown us, no one is immune to ransomware attacks – and the pace and intensity of attacks show no signs of slowing down. In a cost-benefit analysis, taking preventive measures against ransomware and promoting security awareness wins out. However, a one-size-fits-all approach is equally a waste of money since some company assets are more critical – and carry more business value – than others. A consultative approach to threat intelligence can help you make the correct strategic interventions to manage your attack surface and prevent future phishing attacks.

Ready to start mitigating ransomware attacks with security controls that fit your business? Email us today at info@collectiveinsights.com (we promise we won’t send any suspicious emails).

P.S. Stay tuned for Part 2 in our ransomware series, where we discuss key preventive actions you can take to secure your enterprise.