The victims lost an average of nine days to downtime and two-and-a-half months to investigations, an analysis of disclosed attacks shows.
An analysis of 186 successful ransomware attacks against businesses in the United States in 2020 has shown that the companies lost almost US$21 billion due to attack-induced downtime, according to technology website Comparitech. Compared to 2019, the number of disclosed ransomware attacks skyrocketed – by 245%.
“Our team sifted through several different resources—specialist IT news, data breach reports, and state reporting tools—to collate as much data as possible on ransomware attacks on US businesses. We then applied data from studies on the cost of downtime to estimate a range for the likely cost of ransomware attacks to businesses,” Comparitech said explaining its approach. However, it did concede that the figures may be merely a scratch on the surface of the ransomware problem.
On average, the affected companies lost nine days in downtime and it took them about two-and-a-half months to investigate the attacks and their impact on the company’s data and its systems. To put into context, Comparitech estimates that, when combined, ransomware attacks caused 340.5 days of downtime and a whopping 4,414 days of investigation. However, the downtimes varied, ranging from recovery efforts taking several months to minimal disruptions especially thanks to solid backup plans.
Cybercriminals usually requested ransoms ranging from half a million dollars all the way up to US$21 million. Some attackers also upped the ante by carrying out double-extortion attacks, where they pilfer data from the victims’ systems before going on to encrypt them with ransomware. With researchers estimating that the average cost per minute of downtime is US$8,662 and adding in the reputational damage, it’s no wonder some companies are willing to pay the ransoms as a way to fix the problem quickly. Based on the estimate, the cost of downtime to American business was US$20.9 billion. The analysis also found that the ransomware attacks resulted in over 7 million individual records being pilfered or/and abused, an almost 800% increase compared to the previous years.
RELATED READING: 5 essential things to do before ransomware strikes
Additionally, the researchers noted a shift in the targets of ransomware attacks. While previously cybercriminals would target educational institutions and government entities, during 2020 they shifted their focus towards businesses and healthcare organizations. This could be chalked up to the pandemic since many schools and governmental organizations were closed and their systems were down. Meanwhile, healthcare providers had to power through in order to tend to patients, and the pandemic forced a lot of businesses to transition to remote work probably making them easier targets to hack.
What about 2021?
Based on the trends and events of this year, it is little wonder that Comparitech estimates the costs to businesses will rise further. “If the second half of 2021 sees the same number of attacks as the first half (91), 2021’s figures will be in line with 2020s–over 180 individual ransomware attacks. However, with many attacks often revealed weeks or months after they’ve happened, these figures are likely to rise even higher over the coming months, suggesting 2021 will be a record-breaking year for ransomware attacks on US businesses,” the company warned.
To find out why ransomware remains one of the top threats and how businesses can defend against it, we suggest reading up on our recent white paper, Ransomware: A criminal art of malicious code, pressure and manipulation.
written by Amer Owaida, ESET We Live Security