Page 133 - Cyber Defense eMagazine September 2022
A tool to make money
Cybercriminals see ransomware as a proven and effective tool to make money, and lots of it, with
pay-outs totaling as much as $40 million. The financial effects of ransomware are certainly becoming more
pronounced, with more attacks targeted at supply chains and critical infrastructure, causing widespread
disruption. The Cybersecurity and Infrastructure Security Agency (CISA) reported in February 2022 that
it is aware of ransomware incidents against 14 of the 16 US critical infrastructure sectors.
Despite all the warning signs, are companies underestimating the cost of recovering from such an attack?
Industry figures suggest that, among security professionals, there is an alarming disparity between the
perceived cost and the actual cost of recovering from a ransomware attack. Our own survey shows that the
average perceived cost is $326,531, with insurance pay-outs extending up to an average of $555,971.
Industry figures, however, show that the average total cost of recovery from a ransomware attack was
$1.4 million in 2021.
It was encouraging to see that three-quarters of respondents have cyber insurance, although one in four
(24%) do not have any insurance or don’t know if they do.
So, with current insurance pay-outs unable to cover even half of the average cost to recover from
ransomware, many firms will be under huge financial pressure if they are hit, particularly smaller
businesses that may lack the resources and expertise to manage it.
Our research also highlighted some other serious concerns, notably that threats are outpacing security
teams.
When we asked security professionals what keeps them awake at night, 41% said they worry about
ransomware attacks evolving beyond their team’s knowledge and skillset, while a similar percentage
(39%) worry about them evolving beyond their company’s security capabilities.
Their biggest concern, however, is the risk of employees ignoring corporate advice and clicking on links
or attachments containing malware. In fact, they worry more about this than they do their own job security,
with just a quarter worried about losing their job.
Ransomware demands – to pay or not to pay?
There is also some debate in the industry around how best to deal with ransomware demands, according
to our research. One in three security professionals said they were worried about paying a ransom
demand and not getting their data back, but 65% would still pay.
Interestingly, around a third said it was down to their insurance company to pay it, and around one in five
(18%) said the government should pay. More than a quarter (27%) of security professionals would never
pay a ransomware demand.
Paying a ransomware demand clearly depends on an organization’s level of preparedness. Do they have
the right processes in place and strong backup and recovery? If so, they won’t need to pay it. According