The True Cost of Ransomware

Posted 5.12.2020

Everybody knows the risks of ransomware include a financial cost. But, are you factoring in all the costs? Should you pay for ransomware? Is it worth it? We’ll discuss these topics on the program.

Our discussion focuses on the latest research from Sophos, “The State of Ransomware.” The study looked at 5,000 IT managers across 26 countries and got their opinions on a variety of issues related to ransomware. Here are a  few of the highlights:

  • Email is still the primary infection point for ransomware. Does this reflect poorly on cloud, since most email platforms today are cloud based? Maybe we should be discussing this within the professional managed services community?
  • 51% of the surveyed organizations claimed to have a “significant” ransomware attack in the last 12 months. Of those successful breaches, 73% of the attacks involved an encryption of data.
  • The average cost of a ransomware attack – $1.4M (if you pay the ransom) $730k if you do not.
  • 27% of the respondents claimed that they did pay when hit by ransomware

Tags : ransomware,The MSP Zone
  • Oli
    Posted at 18:56h, 12 May

    This is really good information Charles. We have a unit in Alvaka Networks that specializes in ransomware recoveries. We have been involved with some of the largest ransomware situations, local companies with 40 users to international companies with over 40,000 users.

    All ransomware situations are horrifically debilitating to the business. The lucky ones have good working backups, cyber breach insurance and a good IT team and/or MSP. Their business interruption is minimal in comparison to those without the aforementioned. They suffer some business interruption loss, pay a few dollars for forensics work and hardening of the network and they move on more securely. For those without good preparation, they are usually down two to four times as long, even with recovery crews working around the clock. Downtime is usually at least a week, and it could be as long as a month if there are complications.

    We are also seeing waves of commonality in breaches. For the first three month of this year is was mostly dental firms and some healthcare providers. The concentration seemed to be the upper midwest and the eastern seaboard down to Florida. This is not coincidence. This sort of breach can be tied to a hosting service provider suffering a breach. I am now seeing law firms get hit. Three new ones just this weekend.

    You are right, email is a huge culprit as it was for a call we just concluded with a technology manufacturing firm. Someone opened a FedEx attachment… that wasn’t really from FedEx. RDP is another huge problem right now. I don’t see it getting better this summer, just worse based on all the new work-at-home solutions that speedily got stood up with out much planning and often without requisite security knowledge and considerations.

Post A Comment
YouTube Logo | MSPAlliance

Subscribe to MSPAlliance on YouTube!

Explore a world of valuable content, including full-length podcast episodes and clips, thought-provoking special interviews, immersive events, enriching webinars, live streams, and more.

Join our community on YouTube, subscribe to our channel, and elevate your MSP journey!

Mobile and Laptop device image of YouTube MSPAlliance Channel | MSPAlliance

Have questions?

We're here to help! Fill out the form below and we will get back to you as soon as possible.

First Name *
Last Name: *
Contact Email: *
*Required Fields
Note: It is our responsibility to protect your privacy and we guarantee that your data will be completely confidential.





Contact us


510 Meadowmont Village Cir, #289 | Chapel Hill, NC 27517

MSP News

Sign up for MSP News, the weekly newsletter bringing you news and analysis from the managed services industry.