It’s the downtime in ransomware that might do the most damage


Ransomware continues to make headlines. Unfortunately, notwithstanding all the news, there are businesses that are still not adequately protecting their data and, as a result, fall victim to ransomware. But even if a business does regain access to its data after paying that Bitcoin ransom, it has no doubt suffered downtime. Perhaps not surprisingly, downtime from ransomware can be more damaging to small businesses than the ransom itself, as reported by in a recent online article.

50 percent of organizations have been hit by ransomware

One of the misleading aspects of ransomware is the small amount of ransom that’s demanded by cybercriminals. The average ransom demand is less than $700. Yes, we read about how cybercriminals collected $1 billion last year via ransomware exploits, but that’s the result of many thousands of successful ransomware outbreaks. When you consider that 50 percent of organizations have been hit by ransomware, it’s easy to understand how thousands and thousands of collected ransoms add up for cybercriminals.

Much of that is the result of spam, in particular through malicious attachments in email that are opened by the unwary. In these cases, a user is directed to open an email attachment or visit a website where the ransomware is presented, masquerading as a legitimate attachment or download. From there the virus spreads, ultimately gaining control of systems—and valuable files.

Ransomware doesn’t have to be perfect

Who knows whether ransomware will ever be perfected? Probably not. But it doesn’t have to be. The goal of the cybercrimninal is a blanket approach: target as many would-be victims as possible and hope that even a small percentage open that malicious attachment.

As we’ve already learned, thousands of small successes can quickly add up to $1 billion.

The ransom isn’t necessarily the most damaging

“Ransomware wasn’t necessarily the most expensive aspect of a ransomware attack: downtime, revenue loss, and fallout were more expensive and far more damaging, especially when you’re talking about small businesses,” says Adam Kujawa, head of malware intelligence at Malwarebytes, as reported by Kelly Jackson Higgins in Dark Reading.

One report found that downtime costs small businesses $55,000 in income every year; that doesn’t even account for the cost of paying employees who can’t work without access to systems or paying them overtime to catch up when systems come back online.

Here’s what you can do

Today, ransomware is one of the primary concerns for organizations—small, medium, or large.

So, what can you do? There are number of things you can do, like don’t open suspicious-looking emails or suspicious-looking attachments. And be sure your data is properly protected. Do not take data protection for granted!

Check out how Mozy by Dell can help you avoid a ransomware disaster.