Ransomware continues to be a threat across the globe, with hackers targeting an organization’s most valuable files and systems and locking them down. Then they ask for money, or a “ransom,” to unlock these systems. To avoid the high cost of downtime associated with this cybercrime, many organizations simply pay the ransom. Unfortunately, the occurrence of these attacks continues to escalate, putting more and more organizations at risk.
The Cost of Ransomware
Cybersecurity Ventures estimates that ransomware damage will cost the world $11.5 billion in 2019, up from $325 million in 2015. $11.5 billion dollars! And, according to a survey conducted by Sophos, the average total cost of a ransomware attack is $133,000. This figure includes the ransom demanded, downtime, manpower, device cost, network cost, and lost opportunities. Additionally, five percent of those surveyed reported the total cost of the attack to be between $1.3 million to $6.6 million.
To illustrate how much an attack could cost you, let’s look at a recent example. Erie County Medical Center, located in Buffalo, NY, refused to pay a nearly $30,000 ransom demand in April 2017. However, the attack brought down the hospital’s computer systems, costing them nearly $10 million. Half of that cost was for computer hardware, software, and assistance needed in the response. The other half represents a combination of increased expenses (such as for staff overtime pay) and lower revenues from the loss of business during the system downtime. On top of that $10 million, they now have an ongoing expense of $250,000 to $400,000 a month for investments in upgraded technology and employee education to harden their computer system defenses and reduce the risk and impact of future attacks.
Make no mistake, ransomware will cost you big-time if you aren’t prepared for an attack.