Hidden costs of ransomware attacks on the business

Ransomware is one of the fastest-growing malware hazards of the 21st century, threatening businesses and public institutions around the world. A particularly dangerous and fast-evolving kind of malicious software, it infects computers and mobile devices, often spreading across networks to other devices. Once it compromises a system, it quietly encrypts every data file it finds, then displays a ransom note demanding an online payment of a large amount of dollars (to be paid in a cryptocurrency such as Bitcoin) in return for the decryption keys needed to restore the user's locked files.

About 9 out of 10 companies infected with ransomware suffer two days or more without access to their files   

One notorious attack that hit companies worldwide was the WannaCry outbreak in the spring of 2017, which affected over 200,000 computers in over 150 countries. Its global costs have been estimated at $8B. In the summer of 2017, the NotPetya ransomware variant caught many thousands more businesses and public institutions in a global net and, despite letting victims pay a ransom, inflicted essentially unrecoverable damage. In the autumn of 2017, the Bad Rabbit outbreak disrupted thousands of systems across Ukraine, Russia, and the European Union.

Examples of the frightening costs of ransomware attacks    

In planning defensive strategies, IT security professionals must recognize that the cost of a ransomware attack goes far beyond the extortion payment. A steadily growing list of victimized companies has reported that the other costs associated with an attack make the cost of the ransom look minor: downtime, lost sales and opportunities, angry customers, the expense of attack mitigation and recovery, damage to company brand reputation, penalties for unmet contractual obligations to customers, and fines for non-compliance.

Ransomware attacks have caused heavy losses for companies, institutions, and many departments. These attacks have unleashed large-scale downtime and economic harm on many industries, including local governments, police departments, logistics companies, automotive manufacturers, healthcare providers, financial services institutions, and transportation systems around the world. Rarely does a week go by without news of another successful and costly ransomware attack. A few examples follow:

⦁ National Health Service (NHS) of the United Kingdom. The global WannaCry outbreak of 2017, which affected over 200,000 computers in 150 countries, brought hundreds of NHS facilities to a halt for several days, resulting in the cancellation of thousands of appointments and operations and the frantic relocation of emergency patients from stricken emergency centers.

⦁ Erie County Medical Center in New York, USA, lost access to 6,000 computers and needed a recovery process and six weeks of manual operations that ultimately cost US$10M.

⦁ Danish transportation and logistics giant Maersk suffered $300M of business interruption losses due to a ransomware attack. Downtime forced a 20% drop in its shipping volume. During the recovery effort, it had to fall back to manual operations, and Maersk had to re-install 45,000 PCs, 4,000 servers and 2,500 applications over ten days.

⦁ British pharmaceutical and CPG maker Reckitt Benckiser estimated that its victimization by the NotPetya ransomware cost $140M in disrupted production, goods it could not deliver to customers, and recovery and cleanup costs.

⦁ An alarming trend is shown by the aggregate dollar value of ransoms that criminals have successfully collected from victims. Ransoms increased from $325M in 2015 to $5B in 2017, and are forecast to reach $11.5B in the coming years.