Ransomware vs. Business: The High Cost of An Incident

October 21, 2021


Ransomware is the bane of every IT team and a nightmare for any business that falls prey to an attack. This dynamic attack can be used in many ways to harm businesses, damage infrastructure and sow chaos while earning cybercriminals a tidy profit. In a recent survey, 90% of IT pros had clients that suffered ransomware attacks in the past year. Ransomware has grown into a threat that dominates the cybercrime ecosystem, keeping this menace at the forefront of IT leaders and business owners’ minds as they grapple with the question of how to keep their organizations safe on a budget.  


Excerpted in part from our eBook Cracking the RANSOMWARE Code, available now. GET YOUR COPY>>


No Business is Safe from Ransomware 


Every business in every sector is at risk of a ransomware attack. Companies that thing that they’re too small to catch the attention of cybercriminals are badly mistaken. No business is too small – 50% of ransomware attacks last year hit SMBs, and 55% hit businesses with fewer than 100 employees. Smart cybercriminals know that organizations in stressed industries are likely to pay them what they’re demanding and not attempt negotiation or recovery in order to resume operations quickly. However, sectors that are feeling a pinch due to volatile world events or the pressure of economic uncertainty are prime targets for ransomware attacks.  


See how to avoid cybercriminal sharks, phishing & ransomware in Phishing 101. DOWNLOAD IT>>


Ransomware Costs Are Shocking 


Businesses that are hit with ransomware face a hard road to financial recovery if they survive the blow.  An estimated 60% of businesses that fall victim to a cyberattack shutter. One reason for this is the shocking expense associated with handling a cyberattack like ransomware – and you’re not paying it all up front. Bills for a cyberattack can still be arriving two or more years after the event. Any organization that falls victim to ransomware is looking at big bills. The cost of a ransomware incident including investigation, remediation and recovery worldwide is expected to exceed $265 billion by 2031.  

That isn’t a bill that any organization can afford to pay. The exorbitant cost, lost revenue and reputation damage that a business suffers in the wake of a ransomware event. Unfortunately, ransomware attacks have continued to pound businesses, rising to heretofore unseen new heights in Q2 2021.   


What’s next in phishing? Find out in the 2021 State of Email Security Report! GET IT NOW>>


How Can Ransomware Impact a Business? 


If an organization ends up the victim of a ransomware attack, a cascade of unpleasant consequences and operational challenges beyond the direct demands of incident response awaits.  

Data Theft  

Cybercriminals can make handsome profits selling data in the booming dark web data markets. In fact, industries may find themselves in cybercriminals’ sights because of the high desirability of their data. While organizations in every industry are at risk of data theft through ransomware, these three were a little more at risk in 2020 than the rest.  

  • Manufacturing 25%  
  • Professional Services  17%  
  • Government Entities 13% 

Organizations located in Asia (33%) and North America (30%) and Europe (27%) were the hardest hit by ransomware attacks in 2020 and carry the most risk in 2021. 

Operational Disruption 

Ransomware can shut down businesses entirely, especially businesses that use technology to run factories, operate and manage infrastructure or facilitate transportation. While cybercriminals are cleaning up in ransomware operations, businesses are paying the price and it is steep. Companies impacted by ransomware lose an estimated average of six working days, and 37% of them experience downtime of one week or more.  

In just the last 12 months:

  • Lion, a leading drinks purveyor in Australia, and JBS, a major meatpacker in Brazil, saw their production lines grind to a halt for several days due to ransomware incidents.  
  • Ransomware snarled maritime traffic in France and trucking companies in Canada, including strikes on cold chain transportation that was critically needed to carry vaccines. 
  • In the US, cybercriminals used ransomware to attack a variety of infrastructure targets like public transport in Philadelphia and wastewater treatment plants in Florida and Maine.  

How safe is your email domain? Find out now with our domain checker. CHECK YOUR DOMAIN>>


What’s the Cost If a Business Pays the Ransom? 


Any organization that falls victim to ransomware is looking at big bills. The average ransom demand in Q1 2021 was $220,298 – 40% higher than the same time in 2020. The cost of investigation, remediation and recovery can be enormous.  And those bills just keep coming. The cost of ransomware incidents worldwide is expected to exceed $265 billion by 2031. But what is the downside to just paying the ransom and avoiding all of those headaches? It may seem like it is easier and cheaper to simply pay the extortionists and put the incident in the rearview rather than suffer through protracted and expensive remediation and recovery. An estimated 52% of organizations that fall victim to a ransomware attack choose to negotiate with the attackers or simply pay the ransom that is demanded. However, paying the ransom isn’t as straightforward as it seems and it’s not going to do a business any favors.  

Don’t Expect the Safe Return of Stolen Data 

There’s a big reason why cybersecurity professionals of every stripe warn that paying a ransom to regain your data is a very dicey proposition. There is never a guarantee that the gang hasn’t already copied and sold your data. In fact, less than 60% of companies that pay the ransom are able to recover even part of their data, and 39% of companies that pay a ransom never see any of their data again. 

Insurance Isn’t Going to Help 

Insurance industry experts point to ransomware as the cause of steep increases in cyber insurance rates, up by 56% in the US and 35% in the UK. Ransomware insurance claims shot up by 260% in 2020, leading many insurers to place new restrictions on the coverage that companies can buy. In fact,  insurance giants like AXA have announced that they will no longer underwrite cyber insurance policies to reimburse companies for ransomware payments   

Paying a Ransom is Breaking the Law 

 In an official advisory, The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced that paying ransom to cybercriminals is likely to be unlawful. Organizations that pay ransoms to cybercriminals or facilitate ransomware payments on behalf of victims, including financial institutions, cyber insurance firms and companies involved in digital forensics and incident response, are violating OFAC regulations. Those entities are also at risk of incurring civil penalties for sanctions violations if a person or organization is paying a ransom to a gang located in a country that the US government has sanctioned. 


Add to your security team and your defense without adding to your headcount! LEARN MORE>>


Uncover the Secret to a Strong Ransomware Defense 


Establish a smart defense against phishing and reduce ransomware risk in a flash with automated, AI-powered email security from Graphus. Automated email security with a solution like Graphus stops 40% more phishing messages from reaching an employee inbox than conventional security or a SEG. The ideal choice to combat the flood of dangerous phishing email heading for every business, Graphus layers security for more protection with three powerful shields. 

  • TrustGraph uses more than 50 separate data points to analyze incoming messages completely before allowing them to pass into employee inboxes. TrustGraph also learns from each analysis it completes, adding that information to its knowledge base to continually refine your protection and keep learning without human intervention.  
  • EmployeeShield adds a bright, noticeable box to messages that could be dangerous, notifying staffers of unexpected communications that may be undesirable and empowering staffers to report that message with one click for administrator inspection.    
  • Phish911 enables employees to instantly report any suspicious message that they receive. When an employee reports a problem, the email in question isn’t just removed from that employee’s inbox — it is removed from everyone’s inbox and automatically quarantined for administrator review.

Stay safe from even the most sophisticated cyberattacks and social engineering scams

Put the powerful TrustGraph® AI of Graphus to work for your business, and in minutes you’ll get a powerful, easy-to-use, and customizable EmployeeShield® against phishing attacks.
Get a Demo of Graphus