, , , , ,

When ransomware strikes your business, are you prepared?

I see news reports everyday about ransomware attacking businesses right and left. Some reports blame hackers seeking money, others say foreign countries are to blame. For companies that fall victim, it doesn’t really matter who perpetrated the attack, what matters is that their files are encrypted and their workers can’t get anything done.

We wanted to understand the real impact of ransomware attacks on companies — who is being targeted, what really matters when an attack hits, how prevalent the threat is — so we surveyed nearly 300 expert IT consultants[1] for their perspectives on the scope and costs of this trending malware and released the results in our 2016 Crypto-Ransomware Report.

Survey reveals surprise findings about ransomware attacks on businesses

I think the survey results will surprise a lot of people.  When I read stories about ransomware attacks, I’m always left with the feeling that the real threat is about paying the ransom in time. I picture a ticking counter showing the victim how much time they have to pay off the cyber kidnappers before their lose their data forever.

But our survey found that the bigger threat associated with ransomware is business downtime.

Downtime is more detrimental than ransom costs

A ransomware outbreak creates two hard choices for businesses: Either spend multiple days recovering locked files from backups (which may be old, outdated versions), or pay ransom to an organized crime syndicate.

Either way, you’re likely to face significant user downtime that’s a lot more expensive than the cost of the ransom. When we looked at how long it took for users to get access to their data, we found that 72% could not access their data for at least 2 days following a ransomware outbreak, and 32% lost access for 5 days or more. Think about all of the deals you’d lose, all of the customers you’d anger, all of your employees sitting idle. Could your business really afford to be down for 2 days?

And don’t assume it’s only small companies that are impacted. Our survey also found that ransomware is affecting bigger businesses and multiple victims within each business.

Ransomware is targeting bigger businesses

Ransomware should no longer be seen solely as a threat to individuals and small businesses. Nearly 60% of businesses hit by ransomware had more than 100 employees, and 25% were enterprises with more than 1,000 employees.

What’s more, we found that 86% of outbreaks affected 2 or more employees, and 47% spread to more than 20 people. So you can’t assume that an attack is only going to impact one user. You could have whole departments get hit. And even if you only have to reimage a handful of machines, you still have the issue of shared files being encrypted. So everyone working on that file is sidelined, not just the user with the infected laptop.

Luke Skibba, known on Twitter as @Gigabitgeek, faced that scary situation when his company got hit by a ransomware attack:

“After shutting down the computer of the affected user and taking her off the network, we determined she had been hit with the CryptoWall ransomware. We had 90 percent of our files be encrypted. This impacted every user in our whole company.”

What’s more, our survey found that ransomware attacks are only going to get worse.

Ransomware is a growth industry

The threat of ransomware is rapidly growing. According to our report, 43% of IT consultants have had their customers fall victim to ransomware and 59% of respondents expect the number of attacks to increase this year.

Walter Chamblee, Director of Information Technology at Signaturefd.com, sees it this way:

“Ransomware attacks are on the rise and are growing in complexity. Without the right protection measures in place, ransomware can be majorly disruptive to a business. In these cases, it’s the user downtime and the hassle for IT that’s far costlier, even if you pay the ransom.”

Don’t give up hope — fast recovery from a ransomware attack is possible

Check out our full report at Intermedia.net/Ransomware. We dive deeper into the problem of ransomware, look at more data from the survey, and discuss the tools that you can use to help get users back up and running after an attack. It’s all about having a solid business continuity plan in place for ransomware, and we can help.



[1] This study was commissioned by Intermedia and executed by Researchscape International, a market-research consultancy. Researchscape surveyed 275 IT consultants and security experts using an online survey fielded from Jan. 15-30, 2016. Respondents were recruited via third-party panels. Only one response was permitted per respondent, even if they were a member of multiple panels.

About Kirsten Barta

Kirsten Barta is Sr Marketing Communications Manager at Intermedia