Paying Ransom Doubles Ransomware Recovery Cost, Sophos Research Says
Although many organizations will pay a cyber ransom to mitigate a ransomware attack, doing so may double their incident recovery costs, according to “The State of Ransomware 2020” report from cybersecurity company Sophos.
The average cost of addressing a ransomware attack was approximately $730,000 for organizations that did not pay a ransom, the report indicated. Comparatively, this average cost rose to $1.4 million among organizations that paid a ransom.
Other notable results from the report included:
- 51 percent of organizations said they experienced a significant ransomware attack in the past 12 months, and 27 percent admitted to paying a cyber ransom.
- 84 percent have cybersecurity insurance, and 64 percent have insurance that covers ransomware.
- Cybercriminals encrypted data in 73 percent of ransomware attacks; among these attacks, 94 percent of organizations said they recovered their encrypted data.
- File download/email with malicious links (29 percent) ranked first among ransomware attack techniques, followed by remote attacks on servers (21 percent).
Multi-layered security solutions can help organizations detect and block ransomware attacks, Sophos Principal Research Scientist Chester Wisniewski said. In addition, organizations can keep their backups offline, so they can restore encrypted data without paying cyber ransoms.
Prepare for Ransomware Attacks
Sophos provided the following recommendations to prepare for ransomware attacks:
- Plan for the Worst-Case Scenario: Recognize that all organizations are susceptible to ransomware attacks, and every organization needs to plan accordingly.
- Leverage Anti-Ransomware Technology: Implement anti-ransomware technology to identify and stop ransomware attacks before cybercriminals can encrypt data.
- Protect Data Across All Environments: Secure data stored in private and public cloud and on-premises environments.
- Perform Regular Backups: Use regular backups and store them offsite.
- Add Cyber Insurance That Includes Ransomware Coverage: Purchase cyber insurance that includes ransomware coverage or add this coverage to an existing cyber insurance policy.
- Deploy a Layered Cybersecurity Strategy: Identify security gaps and address them to guard against a wide range of ransomware attack vectors.
Cybercriminals use advanced ransomware attack techniques, and these techniques will likely become more sophisticated. As such, organizations must use advanced cybersecurity technologies to protect against ransomware attacks now and in the future.