Ransomware costs: when the price to pay is more than just a ransom
The complex, evolving landscape of cybersecurity attacks continues to grow, with ransomware tracking at about 24% of all breaches¹ as well as 66% growth in attacks year over year. ²
To level set, ransomware is malware designed to deny a user or organization access to files on their computer through encryption until a ransom is paid — it’s an expensive and expansive problem for organizations of all sizes and industries. The risks include a spiraling effect of negative brand reputation, leadership changes, lost revenue, and the release of sensitive information, often leading to further extortion.
Is your organization high-risk?
The quick answer is yes, it’s only a matter of time. Some of the most targeted industries have been professional services, manufacturing, healthcare, financial services and retail.³ However, recently government and education have also been major targets. Attacks aren’t limited to just enterprise companies either — small businesses have seen a 40% increase in ransomware attacks and a 56% increase in fund transfer fraud incidents. ⁴ In fact, according to another report, SMBs with revenue around $5 million are twice as likely to become victims as companies in the $30-50 million range and five times as likely as companies with revenue of $100 million. ⁵
This doesn’t mean other industries are off the hook — especially since it only takes adversaries 2 minutes and 57 seconds to drop ransomware into your system. Cybercriminals are typically after intellectual property, patient records or protected health information, customer data, personally identifiable information (PII) and account credentials. ⁶
To pay or not to pay?
The quick answer is always no. In one survey of over 1,000 enterprise IT professionals who had been breached at least once by ransomware in the last 24 months, 84% of them paid but only 47% of them received uncorrupted data returned — with 78% of them breached again after paying the ransom.⁷ Another interesting part of the report revealed that over half did not detect they had been breached for 3-12 months and that the majority of attackers were getting into the network through a supply chain partner. The takeaway here is that as hacker sophistication rises, the ransom demands continue even after payment, compounding the problem.
What are the real ransomware costs?
The quick answer is usually in the millions. Overall, ransomware adversaries made a total of $1.1 billion in 2023, and ransomware cost estimates have already reached over $450 million for the first half of 2024.⁸ Here’s a breakdown of what’s being reported by individual organizations for ransom payments on average:
$3,960,917 — a 2.6X increase on the $1,542,330 reported in 2023⁹
$1.4 million for U.S. companies with an estimated 46% of respondents saying their overall business losses were between $1-10 million and 16% saying their losses were over $10 million¹⁰
Recovery costs must be considered, too. These costs include downtime, legal fees, data loss, lost opportunities, reputation repair and other recovery costs. Reports show detrimental and high-cost averages:
$2.73 million in 2024, up by $1 million in 2023¹¹
$4.5 million, including payment and recovery¹²
35% of victims took a week or less of recovery time while 34% took over a month (same ref as above) due to the growing complexity and severity of attacks, and lack of preparedness
This begs the question, how many cybersecurity defenses do you really need?
The quick answer is a lot. Organizations must prioritize making people, processes and technology secured and compliant in all aspects of the business. Safeguarding against data breaches should be an always-on effort, which means taking a multi-layered approach to secure the workforce, information, devices, network, and applications. But when all else fails, and a breach is made, ransomware containment solutions can be the last line of defense.
Proactive measures for enhanced security
Preparedness: Develop a robust incident response plan in case of a breach — we offer security assessments to help you determine where you have gaps
Vulnerability management: Regularly patch vulnerabilities to minimize attack surfaces — ask about our Managed IT Services, Cybersecurity Services, and Cloud Services
Cybersecurity culture: Foster a security-conscious environment through training and awareness programs— we have specialists in change management and comprehensive security training programs
Zero trust: Implement zero trust network access to enhance security protocols, including encryption and authentication — let us help your organization close any gaps
Generative AI awareness: Establish guidelines for the safe use of generative AI to mitigate potential risks — breaching through AI-generated code, scripts and sharing sensitive company data are trending
System testing: Conduct regular testing to identify and address security gaps — think of our IT Services team as an extension of your team
Collaboration: Partner with security-focused vendors that have a strong commitment to security
By identifying and closing some (or all) of these security gaps, your defenses will be stronger and reduce the likelihood of a ransomware attack or stop one in its tracks.
Our ransomware containment solution isolates ransomware in real-time, preventing it from encrypting valuable data and minimizing downtime, unlike other solutions that focus only on detection or recovery after the damage is done.
Recommended for you
Webinar: Containing Ransomware Outbreaks
Learn about the new strategy Infosec leaders are using to stop ransomware outbreaks and protect their organizations against ransomware attacks.
How to protect against ransomware attack
Learn from Ricoh how do you protect against malicious ransomware. Protecting against a ransomware attack is like fire prevention, don't let the danger take hold.
How should a company handle ransomware
Has your company been held up by ransomware? Look no further than Ricoh to learn how to handle ransomware in your company and prevent loss of time and data.
- 1TechTarget. “Ransomware trends, statistics and facts heading into 2024.” January 3, 2024.
- 2Symantec. “The 2024 Ransomware Threat Landscape.” January 24, 2024.
- 3Kroll. “Q2 2024 Threat Landscape Report: Threat Actors Do Their Homework, Ransomware and Cloud Risks Accelerate.” August 21, 2024.
- 4Astra. “100+ Ransomware Attack Statistics 2024: Trends & Cost.” December 22, 2023.
- 5Rapid7, « Ransomware Radar Report », 2024.
- 6CrowdStrike. “Global Threat Report.” 2024.
- 7Cybereason, « Ransomware: the true cost to business 2024 ».
- 8Cyber Management Alliance. “Ransom Payouts Hit Record $450m in H1 2024: How Do You Stay Protected?” August 21, 2024.
- 9Sophos. “The State of Ransomware 2024.” February 2024.
- 10Cybereason. “Ransomware: the true cost to business 2024.”
- 11Sophos. “The State of Ransomware 2024.” February 2024.
- 12Rapid7. Ransomware Radar Report.” 2024.