Ransomware threats are mounting in volume and in the amount demanded from victims. In early 2021, Acer was hit with a ransomware attack and was asked to pay a whopping $50 million.
In addition, criminals have been moving towards attacking SMBs (small and medium-sized businesses) in large volume. Although the ransom asked is usually a lot lower than from big corporations, the attackers make up for it in volume.
This fact is mirrored by the latest statistics on ransomware. Just last year, 83% of Canadian businesses reported an attempted ransomware attack. Of these, about 67% actually became infected with the ransomware. These statistics are from the 2022 TELUS Canadian Ransomware Study.
As the statistics show, the chances of being a victim of ransomware in Canada are extremely high. It is no longer a matter of if, but when. This is a striking revelation, and warrants prompt action.
What is a Ransomware Attack?
Ransomware is rogue encryption software. It gets access to your organization’s files, encrypts them all, and holds the keys for ransom. It is quite a malicious attack, as it completely disables the organization’s ability to work.
It can spread through a link in a spoofed e-mail, a USB key, or an insecure port on the network. There are many methods of entry, so one must ensure there are proper defenses in place.
Cost of a Ransomware Attack
Recent findings indicate that the average Canadian organization is asked for $140,000 in ransom. Although this is the average, most SMBs are asked for considerably less. This amount is mostly reserved for larger corporations.
In reality, however, the total cost incurred can be a lot more than $140,000. For example, a day of downtime will translate to thousands of dollars lost. In addition, the organization’s reputation could be at risk, there could be regulatory fines, and there will certainly be a cost for file recovery.
The initial ransom usually translates to less than 20% of the cost of the attack. When everything is added together, the costs can exceed a million dollars. This, of course, depends on the nature of the business.
The damage is even worse when you consider the possibility of lost contracts, and loss of business. This can easily happen if your business is heavily based on trust, as many are. Finance and healthcare are two great examples of industries where ransomware can be absolutely devastating.
No surprise, then, that according to TELUS, 22% of victims do not report the attack to the government. It has also been found, however, that almost a third of the time, the attack is first reported by a third party. So trying to stay away from reputational damage is a slippery slope.
Paying the Ransom is Risky
Most businesses don’t wish to pay the ransom. However, when the company is completely paralyzed, many submit to the demands. This is a risky move, however, because you are then placing trust in the criminals to return the data intact.
Only 42% of the businesses that pay the ransom actually end up getting their data restored. Even if you do end up getting the data restored, can you trust the data?
In fact, 15% of companies ended up getting reinfected. Although it’s not a high rate, it is still quite striking and something to be concerned about. For example, Acer became reinfected only a few months after the first attack.
How to Protect Your Organization
These are all sobering facts, but what can companies do to protect against ransomware? There’s no one-size-fits-all solution. All companies have different IT infrastructure and therefore different points of weakness. However, there are, of course, general things every company can do.
Deploying a strong antivirus with security policies across all endpoints, setting up firewalls and intrusion detection / prevention, and employee awareness training are all good starting points.
The important thing is to be proactive about security. Standing idle and not getting prepared makes your organization a potential target.
In addition, creating an incident response plan is another great way to get ready for attacks. Only around half of corporations have any form of response strategy. Of these, slightly over half update the strategy.
Only an organization-wide approach to security will be able to comprehensively protect against a ransomware attack.
Let Livelinx Secure Your Organization
Livelinx has a full suite of tools to protect your business from attack. This includes endpoint antivirus with remote management and monitoring, employee training, and infrastructure upgrades such as firewalls and intrusion detection / prevention.
If you are interested in having these services deployed in your organization, contact us for a security assessment and consultation. The security of your organization should start today; don’t waste time.