New insight into what happens during and after a ransomware attack paints a rather dismal picture of what to expect from attackers, your executives, and your operations.
I’d love to tell you that once you get through a ransomware attack, all will be well. But that’s just not the case. According to Cybereason’s Ransomware: The True Cost to Business report, the reality of circumstances during and after a ransomware attack is anything but resilient.
Let’s start with the fact that, according to the report, 73% of all organizations have experienced a ransomware attack in the last 12 months. And for those that were attacked, the question of whether the ransom was paid always comes up:
- 41% paid to “expedite recovery”
- 28% paid to “avoid downtime”
- 49% paid to “avoid a loss in revenue”
But even after paying the ransom, 80% experienced a second attack and 68% were asked for a higher ransom!
Then there is the aftermath to the organization:
- 54% still had corrupted systems or data
- 37% had to lay off employees
- 35% had a C-level resignation
- 33% had to temporarily suspend business
What’s interesting is that 75% of organizations believe they have the right contingency plans to manage a ransomware attack – a number that hasn’t changed in the last year, according to Cybereason. This data point, mixed with the aftermath stats above, makes me think of the old adage “The best-laid plans of mice and men often go awry.”
So, while your organization “has a plan” to address ransomware, the only truly effective plan is to attempt to stop it all – a strategy that needs to include empowering your users with Security Awareness Training so they are able to distinguish legitimate email and web content from malicious content intent on kicking off a ransomware attack.