Ransomware Attack Downtime Costs in the U.S. Rise to Nearly $160 Billion

Ransomware Attack Downtime CostsNew data based on tracked, publicly-confirmed ransomware attacks shows that downtime – and the associated cost – is increasing at an alarming rate as nearly half of attacks see a ransom paid.

Taking a look back at last year provides some unique insight into the current state of ransomware attacks. We know that the cybercriminal gangs who create the malware are seeing their efforts as a legitimate business, seeking to increase “revenues” each year. So, by looking at how the state of the attack has changed year over year – something covered by Comparitech’s analysis of ransomware attacks in 2021, we can make some predictions about the future.

There are some notable increases seen in the data they provide:

  • The total estimated cost of downtime in the U.S. in 2021 was $159.4 Billion – a 12% rise from 2020
  • The average downtime duration is 22 days – a 23% increase from 2020
  • Ransom amounts ranged from $5,500 to $40 million (in two cases!)

But there are also some equally notable decreases

  • The number of individual records was down 32% in 2021 from 2020
  • The number of individual ransomware attacks was down 7% from 2020

Put this all together and there are some educated assumptions that can be made:

  1. Ransomware gangs are getting better at gaining access to and moving laterally across victim networks, giving them access to more of the environment to encrypt (resulting in longer downtime).
  2. There is less focus on record-based data (e.g., customer records), as ransomware gangs shift to simply exfiltrate and extort the ransom by threatening to publish the data, using encryption to ensure victims take notice.
  3. Ransomware attacks are becoming more targeted, with specific industries and companies in the line of sight.

With the very real threat of both encryption of your environment, as well as data theft and extortion putting every organization at risk, it’s critical to look at the core initial attack vectors. Phishing has continued to dominate over the last 3 years as a primary entry point for ransomware attacks, so organizations need to shore up any risk of users receiving and interacting with malicious web and email content. Security Awareness Training aids in reducing the risk of successful initial attack by educating users about the dangers found and the methods used in these types of email- and web-based attacks.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Topics: Ransomware

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews