5 Ways Ransomware Can Negatively Impact Your Business

In the past year, virtually every day has brought news of another debilitating ransomware attack. And, in many of those attacks, there were key lessons that can be applied to companies like yours. 

This article will recap five real-life impacts of recent ransomware attacks. It will also provide best practices you can follow to prevent your organization from becoming a potential victim. 

Impact #1: Extended Downtime

The average downtime from ransomware attacks increased from 15 days in Q1 2020 to 22 days in Q3 2021, according to Statista. In this case, downtime is an instance in which an organization experienced less than 100% productivity or a material business interruption.

Even large, well-funded organizations can have their productivity crippled by ransomware attacks. Brazilian-based meat processing company JBS experienced a ransomware attack on May 30, 2021 that temporarily shut down several of its Australian, Canadian, and U.S. facilities until June 2, 2021. Only by making a ransom payment of $11 million in Bitcoin was the company able to resume normal operations. 

Think about that average recovery figure for a minute. It represents more than three weeks of disruption! So why does ransomware recovery take so long? 

Organizations hit by ransomware face two parallel challenges: users need to access their data and IT needs to research the potential cause(s) of an attack. Key organizational resources that customers, partners, and employees rely on to perform their job duties can go offline, but that takes the IT team’s focus away from larger recovery efforts. 

In addition, many organizations perform their recoveries manually, which adds to the disjointed and painful process of regaining valuable data.

Best Practices To Avoid Extended Downtime

Utilize ransomware recovery technology that permits your organization to “roll back” to earlier versions of mission-critical files. This will significantly reduce downtime from potential ransomware attacks. 

In addition to ransomware recovery technology, incident response techniques such as table-top attack simulations can help you to recover from potential cyber-attacks more rapidly and effectively.

Impact #2: Damage to Brand Reputation

When the Colonial Pipeline ransomware attack occurred in May 2021, the lengthy lines for gasoline  in the southeastern U.S. following the attack made the company’s name practically synonymous with the term ransomware for many American consumers. In fact, Forbes Insights found that 46% of organizations suffered damage to their reputations and brand value as a result of cybersecurity breaches. Another 19% of organizations experienced reputational and brand damage as a result of third-party security breaches or IT system failures.

Best Practices To Prevent Brand Reputation Damage

The easiest way to prevent your brand from being impacted by ransomware is to avoid being a victim of ransomware in the first place. Many organizations have implemented ransomware detection technology to detect potential ransomware artifacts and ransom notes, and to disable users before the ransomware propagates. Choose your IT partners carefully since your company’s cybersecurity protection is only as strong as that of your closest IT and supply chain partners.

Impact #3: Sensitive Data Exposure

Nearly 80% of ransomware attacks in the first half of 2021 involved the threat of leaking exfiltrated data, according to an ongoing monitoring of more than 40 threat actor extortion websites. Cyber-attackers utilize data exfiltration to encourage companies to make ransom payments, threatening to publish pilfered sensitive data to the dark web if ransom payments aren’t received. 

You may recall the April 2021 ransomware attack of Apple supplier Quanta Computer Inc. Ransomware group REvil initially demanded $50 million from Quanta to prevent the release of stolen Apple product blueprints before asking Apple to pay the ransom itself.

Best Practices To Avoid Sensitive Data Exposure

Whether your company is a ransomware victim or not, one of the most effective ways to prevent data exfiltration is to regularly archive and delete redundant, obsolete, trivial, and stale (ROTS) data in your organization. 

Another effective way to prevent exfiltration is by restricting your employees’ access to information, based on their “business need to know.” By managing your highly-sensitive data effectively, your data will have much lower potential value to cyber-attackers. You should also regularly back up all of your data and store it securely. 

Impact #4: Financial Impact of Ransom Payments 

The average ransomware payment soared to $570,000 in 2021, compared to $312,000 in 2020, according to a report published in GRC World Forums. In order to minimize ransomware payments, many organizations sought cyber-insurance protection, only to find that their median excess insurance prices increased by 123% compared to 2020. 

Companies cannot rely on insurance as a panacea, especially as insurers reassess risk and adjust policy benchmarks in response to the rise in ransomware. Insurance and consulting firm Woodruff Sawyer found that cybersecurity insurers have gotten picker about claims. Insurers have decreased coverage; they’ve also analyzed security controls more closely and scrutinized how companies are protecting work-from-home environments. 

Best Practices To Minimize Ransomware Payments

The best way to minimize ransomware payments is to not pay them in the first place. In addition to the ransomware detection recommendations discussed earlier, simple cybersecurity procedures like multi-factor authentication (MFA) can go a long way in protecting your organization from ransomware. 

Also, remember that you’re negotiating with a cyber-criminal—negotiations may not be subject to the ethical standards of traditional business activities. Published reports indicate that only 65% of encrypted data was restored after ransom payments were made in ransomware attacks. Take proactive steps to secure and back up your data, and you’ll be in a better position to avoid paying any ransom.

Impact #5: Ransomware as a Gateway for Future Cyber-Attacks 

On Sept. 11, 2021, Japanese technology manufacturer Olympus experienced a reported ransomware attack. The attack was rapidly followed by a subsequent attack on its IT systems in the U.S., Canada, and Latin America in October 2021. Similarly, Taiwanese electronics company Acer experienced a cyber-attack in October 2021, following a ransomware attack in March 2021. It has become common knowledge that cyber-attackers find additional vulnerabilities when they conduct initial attacks on companies’ IT systems, and they are more likely to exploit those vulnerabilities when they know companies are willing to pay large ransom payments.

Best Practices To Prevent Future Cyber-Attacks

The best practices are straightforward here. Continue to upgrade your IT security protection, patch software regularly, implement cross-organizational cybersecurity training initiatives, and consistently update your incident response plans.