CommPRO


Stop Ransomware Before it Starts

In 2020, ransomware attacks grew at least 7-fold.  By 2025, at least 75% of IT organizations will face at least 1 ransomware attack.  When considering the lost revenue caused by halted business operations and the costs companies incur to recover from a ransom attack, the true cost of ransomware is up to $20 billion a year.  

Insurance is a lifeline for many businesses recovering from ransomware, but there are gaps in coverage, especially for small to medium enterprises (SMEs). SMEs represent 98% of cyber insurance claims, with their average claim reaching $1.2 million in 2019. Despite these enormous claims, the average bill for rectifying a ransomware attack is actually $1.85 million. And that value is only rising as ransomware attacks become more frequent. Data loss and insurance premium costs are also ticking up. Insurance companies are even denying applications for cyber coverage more often in a bid to reduce risk in their portfolios.

Not all threats are created equal. Ransomware attacks are tailored to each victim. Small businesses face more generic attacks and lower ransom demands, but they're also less likely to possess the security to fend off even weak attackers. Meanwhile, large enterprises that can afford cybersecurity suffer more sophisticated assaults from criminals seeking a higher payout. Still, a major concern for businesses of all sizes is reinfection. Companies that fall prey to a ransomware attack suffer an 80% chance of being targeted a second time, often by the same group of attackers.

As if the situation wasn't dire enough, new regulations that increase costs for businesses that fail to prevent attacks are entering their enforcement period. In the EU, the GDPR imposes fines on businesses that fail to protect consumer data. In the state of California, consumers can sue businesses for a breach of their data without needing to prove the breach caused harm. While paying ransoms in general is not illegal, the US Treasury began prosecuting those who facilitate ransomware payments made to sanctioned individuals and jurisdictions last year.

The problem is huge.  How can businesses protect themselves and their customers?  Some important best practices include staying up to date with software, educating employees on the dangers of phishing emails, and backing up data on external devices.  Security software that detects suspicious activity is a first line of defense.  As ransomware attacks grow in sophistication, it’s not a matter of if but when.
