The $11.5 Billion Problem with Ransomware

Ransomware will cost U.S. businesses an estimated $11.5 billion in 2019.

Let’s break it down and talk about some of the basics.

First, what is ransomware?

Ransomware is a form of malware, or malicious code, which infects a user’s computer and encrypts all of the data on that machine and, typically, on the entire network, preventing all users from accessing their systems and data. In order to free the computers from “ransom” (that is, to decrypt the data), the user or organization must pay the ransom demand, typically in untraceable Bitcoins.

Who can be hit by ransomware?

Anyone and everyone. Individual users, small businesses, large businesses, government agencies, and hospitals have all been targets of ransomware.

How does ransomware make its way onto a computer or network?

Typically through an email phishing scheme in which an unsuspecting user clicks a link or opens an attachment, which releases the malware. Once the malicious virus is “loose” it rapidly infects all users within a network and shuts it down.

What are the typical ransom demands?

Good question – this number is a moving target. Some hackers are demanding a set figure per user on a network; some are picking arbitrary numbers. The larger the organization, the higher the demand. Whether the demand is $5,000 or $50,000, the cost of a ransomware attack doesn’t end with paying the ransom. Other costs include: loss of income during the shutdown and restoration of data, forensic analysis of your data to ensure it’s “clean” with no other bugs hidden in it, possible loss of data and the related costs of notifications, restoring damaged or destroyed data, lost productivity, and damage to your brand and reputation. These costs can add up to significant levels and aren’t covered in a standard business insurance policy.

Why is ransomware a growing threat?

Because it’s easy to perpetrate and get away with. On top of that, many victims of attacks are paying ransoms, which only fuels further attacks.

One IT expert explained to me the following: Imagine a hacker buying a few hundred thousand email addresses on the dark web and methodically sending out hundreds of emails per hour containing a ransomware virus. While no firm statistics exist on what the click-through rate of these bogus emails is, I’ve read that 30% of phishing emails are opened and of those, users either open attached documents or click links 12% of the time! Doing the math, that means the open rate is about 3.6%!

Regardless of how many systems and users are actually affected, let’s just assume that an enterprising hacker has a half of one percent “hit rate”.  That means out of 1,000 email phishing attempts the hacker sends he’ll have 5 new “customers” where he holds the keys to their data.  If the demand to unlock those networks is “only” a $1,000 ransom, the hacker has netted $5,000 for a day’s “work”.

This sort of scheme is so much easier for a hacker to monetize versus stealing credit card numbers and trying to sell them on the dark web.  Whether the hacker is a single operator sitting in his boxer shorts in his bedroom in Russia – or part of a large organized criminal enterprise that can replicate this many times over in a day, this is a lot of money for little effort, little investment and little risk of getting caught or prosecuted.

For the hacker, this is basically a no-lose proposition. For the business owner, this is a serious problem that threatens their livelihood.

So, how do you defend yourself?

I’ll leave the details of this up to your IT professional, but it’s a combination of:

  • Hardware
  • Software
  • Training, training, and more training. Educating your workforce on proper email protocol/hygiene is critical.
  • The last piece of the puzzle is insurance for when things go wrong, and they often will go wrong.

Cyber Insurance is no longer something to consider; it’s a must-purchase form of protection, whether you’re a small retailer, a medium-sized professional services firm, a school, a healthcare provider, or a larger middle-market company. Your business runs on data. If something were to happen to that data, you’d likely suffer a large financial consequence which isn’t sufficiently insured anywhere else in your insurance program; that’s why you need Cyber Protection. Learn more about your cyber risk here.

The good news is that Cyber Insurance is affordable and easy to obtain. Want to find out more about the risks you face and how to design proper protection? Give me a call or drop me an email and let’s start a conversation.
