The Money Pit for SMBs: what you need to know about rising costs of ransomware

A recent CSO publication highlights various possible ransomware costs that might be unexpected. CSO (“Chief Security Officer”) is an organization that provides critical information to enterprises related to defending against criminal attacks. It addresses topics such as risk management, network defense, fraud, and data loss prevention. The following discusses some of the key points presented by CSO and additional information related to ransomware.

As you know Ransomware, a fast-growing form of cyberattacks, is a specific type of malicious software (malware) that holds data hostage in exchange for a ransom. These attacks include threats to publish, block, or corrupt data. Also, they can prevent a user from performing work on their computer unless they meet the attacker’s demands.

Ramsomware AlertDid you know that paying the demanded money does not guarantee that you’ll get your data back from hackers? Of those SMBs that experienced a ransomware attack and paid the ransom, 20% never got their business and personal data back.

… and ransomware is growing. According to NCC Group, a cybersecurity consulting firm, worldwide ransomware attacks increased 288% between the first and second quarters of 2021. Tripled extortion has contributed to the growth, comprised of the following activities:

  1. Stealing data from organizations;
  2. Threatening to release sensitive data publicly.
  3. Targeting an organization’s customers, vendors, or business partners.

Commonly known expenses as a result of ransomware attacks include items such as lost business, ransom paid, IT-related and other consulting fees, and legal expenses. There are also various direct and indirect costs that may be unexpected. These potential costs should be understood by IT consultants and decision-makers when justifying security investments that can provide protection against ransomware.

1. Cost of Maintaining Business Continuity

Business operations can be affected for anything from a few days up to weeks or months. Productivity can be impacted significantly due to workers not being able to work on their computers. Recovery costs can be many times the cost of ransom paid and may vary greatly depending on the quality of your Managed IT services, cyberbreach preparedness, business continuity plan and services and the cybersecurity policy of the business.

Oftentimes, data locations are not documented and recovery processes have not been periodically tested prior to a ransomware attack. It would not be unusual for organizations with complex data environments to take up to 12 months to fully recover. Skilled IT skills need to be in place or sourced to implement and manage data recovery processes.

2. Cost of Cyber Insurance

As with certain other insurance policies, a cyberattack may result in increased cyber insurance premiums. Additionally, payments received from an insurance company in the event of a claim may not be as high as anticipated. After an attack and submission of a claim, insurance companies routinely perform due diligence to ensure that required processes and cybersecurity protections have been implemented and followed by the insured.

3. Loss of Customer Trust

Earning and retaining customer trust are key elements to establishing new revenue-generating business relationships and maintaining existing ones. Loss of this trust can be a significant issue. If customer support, sales, and other functions cannot be accessed as usual in a timely manner, frustration can lead to lost business and compromised vendor partnerships. If personal customer information is exposed, the loss of trust can be exacerbated.

4. Damage to Public Relations

Loss of trust can lead to the need for investments in marketing and public relations to rebuild trust and an organization’s reputation. Possible expenses include press releases, advertising, social media communications, media interviews, and speaking engagements.

5. Increased 3rd-Party Risk Evaluations

As a result of a breach, 3rd-parties including business partners and customers will often increase their vetting processes, resulting in more intense evaluations and increased standards. This can result in higher expenses to ensure compliance with 3rd-party requirements.

6. Loss of employee confidence

Your skilled workers are also affected by cyberattacks, not just your business operations. Security-related IT service technicians and engineers and/or data analytics skills may not want to be associated with your organization after it has been the victim of cybercrime. Also, in an effort to balance the financial loss certain jobs may need to be eliminated. Those factors contribute to the negative impact on the business affected by ransomware.

7. Escalation of Cybercrime

Ransom payments to cybercriminals can encourage further attacks by threat actors on other organizations. Also, cyber insurance payouts to victims can also help to proliferate cybercrime and affect society as a whole.


How is your state of IT? Call Us: (855) 551-7760 with any questions.