Demo
Ransomware Costs: Beyond The Cash - Talion

We’re all too aware of the growing financial impact that ransomware attacks have on organisations. After all, it’s easy to talk in terms of dollars and pounds.

But what about the other often overlooked or under-talked about consequences of ransomware?

Ransomware costs more than just pennies; it disrupts the economy, business reputation, mental health and more. Most businesses only realise the full impact ‘post’ attack – by then, it’s too late.

Our #RansomAware campaign is encouraging organisations and individuals to come forward to tell their ransomware stories, particularly regarding cyber-shaming and mental health.

We’ve listed 4 HUGE costs ransomware can have on your organisation – beyond just the cash.

 

Cost of Time

Not only do ransomware attacks incur cost of remediation, but victims need dedicated time and undivided attention from IT teams to get the network and system back up and running to its previous speed.

Nearly 3 out of 4 companies infected with ransomware suffer two days or more without access to their files – this often means time away from everyday work tasks, due to downtime, and can present lost opportunities as a result of prioritising the attack.

Ransomware attacks do cause obvious money costs, such as paying the ransom, but there is also the cost of every hour of time lost from an employee supporting recovery, rather than going about their usual professional duties. Completely remediating a ransomware attack takes an average of 35,285 hours which, if you put a number to it, would cost approximately $2.24 million at the average IT hourly wage of $63.50. That’s an expensive amount of time!

 

Cost of Reputation

Ransomware attacks almost always make their way into the public, and this can be detrimental to the reputation of the company.

This is particularly evidential in the execution of triple extortion, where threat actors use a combination of encryption and data theft to pressure victims to pay ransom demands, often publicly releasing stolen sensitive information or notifying the victim’s business partners, shareholders and suppliers.

 

 

3 ways ransomware costs a company their reputation:

 

1) Damages a company’s stock price

In April 2021, Darkside ransomware operators published a blog update with a tactic designed to damage a company’s stock price. It stated: “Now our team and partners encrypt many companies that are trading on NASDAQ and other stock exchanges. If the company refuses to pay, we are ready to provide information before the publication, so that it would be possible to earn in the reduction price of shares. Write to us in ‘Contact Us’ and we will provide you with detailed information.”

These messages encourage members of the public to participate in gaining money off the back of ransomware attacks, whilst also disrupting the growth of the company itself.

 

2) Business transfers to competitors

In 2020, Universal Health Services (UHS) reported a cyber-attack incident that was believed to be caused by the Ryuk ransomware variant. They noted that “Given the disruption to the standard operating procedures at our facilities … certain patient activity, including ambulance traffic and elective/scheduled procedures at our acute care hospitals, were diverted to competitor facilities.”

This is often the case; we work in a fast-paced world, so customers often won’t hesitate to move companies as soon as something goes wrong.

 

3) Stolen credentials leaked on public forums

In February 2022, Nvidia were hit with a ransomware attack attributed to the hacking group Lapsus$. It was reported that the hackers stole credentials of Nvidia’s 71,000 employees and password hashes of their windows accounts, before then cracking and sharing them on various hacking forums. It’s no surprise that customers then lose their trust in the victimised business.

 

Cost on Mental Health

An obvious mental health cost is the guilt associated with inadvertently opening a malicious email and unwittingly launching a ransomware payload. This can happen to any user at any level. But there are other mental health factors at play.

The stress of remediating a ransomware attack can take a huge toll on the individuals fighting on the frontline. As a security leader, members of the organisation often look at you solely for direction, expecting something faster than humanly possible to deliver, and it can be overwhelming.

As Jason Lewkowicz, former CISO of Cognizant, said, “It was a mind shift from being a business operator and planner to being a firefighter” – and this is no exaggeration. When he joined the company the day after the announcement of their security breach, he had no choice but to push aside onboarding and take immediate action.

Jason said: “The first three days I probably worked 20 hours a day. It was very taxing. And one of the things which is extremely important when managing incidents is ensuring your team is taking breaks, eating food, and getting rest. And that was a challenge to deal with, because in a cyber crisis there is this expectation of recover, restore, get back online—all the things, so that we can continue delivering business. There’s no, “It’s totally fine. Let your team go and have a nap.” The business pressures and concern of clients is continuously escalating.”

This is an ongoing problem amongst IT security teams where, under the pressure of an attack, there is no time to look after themselves – only the company. As such, not looking after themselves only leads to more detrimental effects for the company later on, in the form of unproductivity, time off and inability to work at their best.

 

 

Cost to Economy

The impact of ransomware extends beyond just the company it attacks.

Ransomware can cause 3 main issues to the economy:

 

A prime example of a ransomware attack causing huge disruption to the economy is when JBS, the largest beef supplier in the world, was attacked by the REvil ransomware group in May 2021. The company were forced to halt operations, which impacted the food supply chain and left many supermarkets short on meat products, threatening a lack of food supplies and risk of higher food prices for consumers. JBS inevitably had to pay the $11 million ransom in order to protect their customers and keep the economy running.

 

 

Ransomware attacks are more than just a money-issue for organisations and the more this is recognised, the better businesses can prepare for the worst, limiting the impact. Cybersecurity risk assessments must take into consideration the impact from a holistic point of view – operations, company performance, brand, customers and share-holder value.

Organisations will also need to consider going a step further to increase the protection of their security posture through investment in a Managed, Detection and Response Service (MDR) that identifies risks and triages alerts as soon as they appear, speeding up the process of remediation before it infiltrates the larger company system.

For more information on MDR, download our MDR brochure.

We hope to see you over on LinkedIn for further discussion on #RansomAware.

 
Leave a comment

Filed in Blog, by Talion. 0 comments
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Talion
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Talion
24x7x365 UK-based Security Operations Centre
Talion
Service underpinned by market leading threat intelligence team
Talion
Continually developed threat relevant content, backed by SLAs
Talion
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Talion
Experts in SIEM and SOAR technology
Talion
UK-based Senior Leadership
I'm ready
Request a more in-depth demo.
Discuss your cyber security needs
Fill in the form below and one of our team will be in touch to arrange your demo.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Send us a message

Give us a brief description of what you’re looking for and we’ll put you in touch with the best person.