The real cost of ransomware: Attacks take most victims offline for at least a week

Lack of coherent strategies about what to do when attacked by ransomware is costing organisations dear.
Written by Danny Palmer, Senior Writer

Fifteen percent of businesses hit by ransomware found that their data was completely unrecoverable.

Image: Getty Images/iStockphoto

It only takes seconds for ransomware to block access to an entire network, but the vast majority of businesses remain locked out of crucial files and systems for a week or more, with the impact causing severe financial and reputational damage.

Data gathered from over a thousand businesses which have been victims of ransomware within the last year suggests that 85 percent of those infected by the malicious file encrypting software had their systems forced offline for at least a week, while a third of cases resulted in data being inaccessible for a month or more.

Worryingly, 15 percent of those targeted with ransomware found that their data was completely unrecoverable.

The figures, published in The Grim Reality of Ransomware report by Timico and Datto, paint a grim picture for businesses. Most appear to be grossly underprepared for the potential of falling victim to ransomware, a form of cyberattack which has become extremely lucrative for cybercriminals, who pocketed $1bn from it last year alone.

Despite the rising threat from a criminal activity which is getting easier and easier to carry out, many organisations still don't have any sort of proper strategy in place to deal with a successful ransomware attack. Indeed, figures in the report suggest that 63 percent of organisations have no official ransomware policy in place at all.

That's particularly dangerous because the effects of a ransomware attack are almost instant. Sixty-eight percent of businesses surveyed said that their networks went from functional to encrypted and useless in mere minutes, while almost a quarter revealed that the lockdown occurred in just a few seconds, bringing operations screeching to a halt.

Perhaps it's because businesses fear the financial impacts of not being able to access their data that half of those which fall victim to ransomware eventually gave into the ransom demand of hackers, paying the criminals to restore networks.

Nearly a quarter of respondents admitted their organisation had paid over £5,000 to retrieve their data, while a further quarter paid hackers between £3,000 and £5,000.

Larger organisations were more willing to pay significant ransoms, but they weren't the only targets. The most common ransom paid amongst small and medium sized businesses was between £500 and £1500, proving that there's still easy money to be made from targeting organisations of this size.

Ultimately, the report paints a picture of businesses still being massively underprepared for what's now a significant cyber threat -- and that needs to change, say the report's backers.

"It's critical that all organisations, no matter what size, acknowledge the increasing and evolving threat of ransomware as attacks become ever more frequent and instil a policy, that is regularly updated, to educate staff on what to do if the business comes under attack," says Nabeil Samara, chief digital officer at Timico.

"Protection and communication are key to the difference between success or failure and will save the business infinite costs in the long run."

A willingness to play ransoms to cybercriminals also points to a lack of awareness about schemes which provide free decryption tools, indicating that despite the authorities talking big on ransomware, the message isn't getting through.

Read more on cybercrime

Editorial standards