1 Comment
Everybody knows the risks of ransomware include a financial cost. But, are you factoring in all the costs? Should you pay for ransomware? Is it worth it? We’ll discuss these topics on the program.
Our discussion focuses on the latest research from Sophos, “The State of Ransomware.” The study looked at 5,000 IT managers across 26 countries and got their opinions on a variety of issues related to ransomware. Here are a few of the highlights:
- Email is still the primary infection point for ransomware. Does this reflect poorly on cloud, since most email platforms today are cloud based? Maybe we should be discussing this within the professional managed services community?
- 51% of the surveyed organizations claimed to have a “significant” ransomware attack in the last 12 months. Of those successful breaches, 73% of the attacks involved an encryption of data.
- The average cost of a ransomware attack – $1.4M (if you pay the ransom) $730k if you do not.
- 27% of the respondents claimed that they did pay when hit by ransomware
Oli
Posted at 18:56h, 12 MayThis is really good information Charles. We have a unit in Alvaka Networks that specializes in ransomware recoveries. We have been involved with some of the largest ransomware situations, local companies with 40 users to international companies with over 40,000 users.
All ransomware situations are horrifically debilitating to the business. The lucky ones have good working backups, cyber breach insurance and a good IT team and/or MSP. Their business interruption is minimal in comparison to those without the aforementioned. They suffer some business interruption loss, pay a few dollars for forensics work and hardening of the network and they move on more securely. For those without good preparation, they are usually down two to four times as long, even with recovery crews working around the clock. Downtime is usually at least a week, and it could be as long as a month if there are complications.
We are also seeing waves of commonality in breaches. For the first three month of this year is was mostly dental firms and some healthcare providers. The concentration seemed to be the upper midwest and the eastern seaboard down to Florida. This is not coincidence. This sort of breach can be tied to a hosting service provider suffering a breach. I am now seeing law firms get hit. Three new ones just this weekend.
You are right, email is a huge culprit as it was for a call we just concluded with a technology manufacturing firm. Someone opened a FedEx attachment… that wasn’t really from FedEx. RDP is another huge problem right now. I don’t see it getting better this summer, just worse based on all the new work-at-home solutions that speedily got stood up with out much planning and often without requisite security knowledge and considerations.