It only takes seconds for ransomware to block access to an entire network, but the vast majority of businesses remain locked out of crucial files and systems for a week or more, with the impact causing severe financial and reputational damage.
In a recent broadcast, 60 Minutes aired a story on How Cybercriminals Hold Data Hostage...And Why the Best Solution is Often Paying Ransom. In May, Cleveland's airport was completely locked out after a computer attack took down its flight information, baggage displays, and email. Ransomware locks up a victim's files until a ransom is paid. More and more, critical public service networks are the targets. Before Cleveland, the city governments of Newark, Atlanta and Sarasota were hit, as well as San Francisco's transit authority, the Colorado Department of Transportation, and the Port of San Diego. Today, 26 percent of cities and counties say they fend off an attack on their networks every hour and dozens of hospitals have been held hostage across the U.S., reports 60 Minutes.
Perhaps even worse, data gathered from over a thousand businesses which have been victims of ransomware within the last year suggests that 85 percent of those infected by the malicious file encrypting software had their systems forced offline for at least a week, while a third of cases resulted in data being inaccessible for a month or more.
Worryingly, 15 percent of those targeted with ransomware found that their data was completely unrecoverable.
The figures, published in The Grim Reality of Ransomware report by Timico and Datto, paint a grim picture for businesses. Most appear to be grossly underprepared for the potential of falling victim to ransomware, a form of cyberattack which has become extremely lucrative for cybercriminals, who pocketed $1 billion from it.
Despite the rising threat from a criminal activity which is getting easier and easier to carry out, many organizations still don't have any sort of proper strategy in place to deal with a successful ransomware attack. Indeed, figures in the report suggest that 63 percent of organizations have no official ransomware policy in place at all.
That's particularly dangerous because the effects of a ransomware attack are almost instant. Sixty-eight percent of businesses surveyed said that their networks went from functional to encrypted and useless in mere minutes, while almost a quarter revealed that the lock-down occurred in just a few seconds, bringing operations screeching to a halt.
Perhaps it's because businesses fear the financial impacts of not being able to access their data that half of those which fall victim to ransomware eventually gave into the ransom demand of hackers, paying the criminals to restore networks.
Nearly a quarter of respondents admitted their organization had paid over £5,000 to retrieve their data, while a further quarter paid hackers between £3,000 and £5,000.
Larger organizations were more willing to pay significant ransoms, but they weren't the only targets. The most common ransom paid amongst small and medium sized businesses was between £500 and £1500, proving that there's still easy money to be made from targeting organizations of this size.
Ultimately, the report paints a picture of businesses still being massively under-prepared for what's now a significant cyber threat -- and that needs to change, say the report's backers.
"It's critical that all organizations, no matter what size, acknowledge the increasing and evolving threat of ransomware as attacks become ever more frequent and instill a policy, that is regularly updated, to educate staff on what to do if the business comes under attack," says Nabeil Samara, chief digital officer at Timico.
"Protection and communication are key to the difference between success or failure and will save the business infinite costs in the long run."
A willingness to pay ransoms to cybercriminals also points to a lack of awareness about schemes which provide free decryption tools, indicating that despite the authorities talking big on ransomware, the message isn't getting through.