Ransomware costs: when the price to pay is more than just a ransom

By Dexter Deus, Marketing Strategy Manager, Cybersecurity

The complex, evolving landscape of cybersecurity attacks continues to grow, with ransomware accounting for about 24% of all breaches¹ and attacks growing 66% year over year.²

To level set, ransomware is malware designed to deny a user or organization access to files on their computer through encryption until a ransom is paid — it’s an expensive and expansive problem for organizations of all sizes and industries. The risks include a spiraling effect of negative brand reputation, leadership changes, lost revenue, and the release of sensitive information, often leading to further extortion.

Is your organization high-risk?

The quick answer is yes, it’s only a matter of time. Some of the most targeted industries have been professional services, manufacturing, healthcare, financial services and retail.³ However, recently government and education have also been major targets. Attacks aren’t limited to just enterprise companies either — small businesses have seen a 40% increase in ransomware attacks and a 56% increase in fund transfer fraud incidents.⁴ In fact, according to another report, SMBs with revenue around $5 million are twice as likely to become victims as companies in the $30-50 million range and five times as likely as companies with revenue of $100 million.⁵

This doesn’t mean other industries are off the hook — especially since it only takes adversaries 2 minutes and 57 seconds to drop ransomware into your system. Cybercriminals are typically after intellectual property, patient records or protected health information, customer data, personally identifiable information (PII) and account credentials.⁶

To pay or not to pay?

The quick answer is always no. In one survey of over 1,000 enterprise IT professionals who had been breached at least once by ransomware in the last 24 months, 84% of them paid, but only 47% of them got their data back uncorrupted — and 78% of them were breached again after paying the ransom.⁷ The report also revealed that over half did not detect they had been breached for 3-12 months, and that the majority of attackers were getting into the network through a supply chain partner. The takeaway here is that as hacker sophistication rises, the ransom demands continue even after payment, compounding the problem.

What are the real ransomware costs?

The quick answer is usually in the millions. Overall, ransomware adversaries made a total of $1.1 billion in 2023, and ransomware cost estimates have already reached over $450 million for the first half of 2024.⁸ Here’s a breakdown of what’s being reported by individual organizations for ransom payments on average:

  • $3,960,917 — a 2.6X increase on the $1,542,330 reported in 2023⁹

  • $1.4 million for U.S. companies with an estimated 46% of respondents saying their overall business losses were between $1-10 million and 16% saying their losses were over $10 million¹⁰

Recovery costs must be considered, too. These costs include downtime, legal fees, data loss, lost opportunities, reputation repair and other recovery costs. Reports show detrimental and high-cost averages:

  • $2.73 million in 2024, up by $1 million from 2023¹¹

  • $4.5 million, including payment and recovery¹²

  • 35% of victims took a week or less to recover, while 34% took over a month, due to the growing complexity and severity of attacks and lack of preparedness¹²

This begs the question, how many cybersecurity defenses do you really need?

The quick answer is a lot. Organizations must prioritize keeping people, processes and technology secure and compliant in all aspects of the business. Safeguarding against data breaches should be an always-on effort, which means taking a multi-layered approach to secure the workforce, information, devices, network, and applications. But when all else fails and a breach occurs, ransomware containment solutions can be the last line of defense.

Proactive measures for enhanced security

  • Preparedness: Develop a robust incident response plan in case of a breach — we offer security assessments to help you determine where you have gaps

  • Vulnerability management: Regularly patch vulnerabilities to minimize attack surfaces — ask about our Managed IT Services, Cybersecurity Services, and Cloud Services

  • Cybersecurity culture: Foster a security-conscious environment through training and awareness programs — we have specialists in change management and comprehensive security training programs

  • Zero trust: Implement zero trust network access to enhance security protocols, including encryption and authentication — let us help your organization close any gaps

  • Generative AI awareness: Establish guidelines for the safe use of generative AI to mitigate potential risks — breaches through AI-generated code and scripts, and the sharing of sensitive company data, are trending

  • System testing: Conduct regular testing to identify and address security gaps — think of our IT Services team as an extension of your team

  • Collaboration: Partner with security-focused vendors that have a strong commitment to security

By identifying and closing some (or all) of these security gaps, you will strengthen your defenses and reduce the likelihood of a ransomware attack, or stop one in its tracks.

Our ransomware containment solution isolates ransomware in real-time, preventing it from encrypting valuable data and minimizing downtime, unlike other solutions that focus only on detection or recovery after the damage is done.

Put this last line of defense to work for you.

Find out how Ricoh can help fortify your organization.

  1. TechTarget. “Ransomware trends, statistics and facts heading into 2024.” January 3, 2024.
  2. Symantec. “The 2024 Ransomware Threat Landscape.” January 24, 2024.
  3. Kroll. “Q2 2024 Threat Landscape Report: Threat Actors Do Their Homework, Ransomware and Cloud Risks Accelerate.” August 21, 2024.
  4. Astra. “100+ Ransomware Attack Statistics 2024: Trends & Cost.” December 22, 2023.
  5. Rapid7. “Ransomware Radar Report.” 2024.
  6. CrowdStrike. “Global Threat Report.” 2024.
  7. Cybereason. “Ransomware: the true cost to business 2024.”
  8. Cyber Management Alliance. “Ransom Payouts Hit Record $450m in H1 2024: How Do You Stay Protected?” August 21, 2024.
  9. Sophos. “The State of Ransomware 2024.” February 2024.
  10. Cybereason. “Ransomware: the true cost to business 2024.”
  11. Sophos. “The State of Ransomware 2024.” February 2024.
  12. Rapid7. “Ransomware Radar Report.” 2024.