Ransomware Wake-Up Call: Powerful and Urgent Lessons from 2024
Ransomware trends in 2024 reveal escalating threats, evolving attack methods, and critical lessons f
One of the greatest cyber threats facing businesses today is ransomware, and many are uncertain about the right response. An astonishing 66% of companies have reported that their organization was impacted by ransomware, with two-thirds of these noting that their data was encrypted [1]. Recently, MGM Resorts revealed that a ransomware incident cost the company a staggering USD 100 million [2], reigniting the debate: Should you pay the ransom?
I believe giving in to a criminal’s demands is never wise. As highlighted in the United States Government’s “How to Protect Your Networks from Ransomware” guide, the US government (USG) discourages paying ransoms.
Here are some reasons for resisting the urge to pay:
Relying on the word of a hacker—an anonymous criminal bent on exploiting you—is risky. Data recovery isn’t guaranteed. Only 46% of those who conceded to ransom demands successfully retrieved their data [1]. Furthermore, even if data was encrypted, just 65% of organizations restored the data post-payment [4].
An astounding 83% of organizations have been breached more than once [5]. Paying a ransom is akin to painting a target on your back. If you’ve paid once, hackers might presume you’ll pay again, potentially demanding even more next time.
Proofpoint’s 2023 State of Phish Report highlights the uncertainty surrounding ransom payments. After paying, only about 52% of victims regained data access [6]. Others had to make additional payments, and some never regained access. This serves as a reminder that these criminals primarily aim to extort.
Every ransom paid finances the future endeavors of cyber criminals. Your payment might fuel the development of even more sophisticated malware and embolden hackers to become more aggressive. Ransomware is big business; the average ransom payment has doubled to USD 1.5 million this year. Additionally, 40% of ransom payments are above USD 1 million. [7]
A common misconception is that only large businesses are at risk. This couldn’t be further from the truth. Ransomware doesn’t discriminate by size [1]:
Furthermore, industry sectors show varying susceptibilities, given the kind of data they manage. For example [1]:
Although ransoms might vary based on a company’s revenue—with one-third of SMBs paying under $50,000 [9]—the repercussions of business disruption, reputational damage, and customer attrition can be monumental. In Datto’s SMB Cybersecurity for MSP Report, 60% of respondents felt their organization might be hit by a successful ransomware attack in the next 12 months, and around 70% admitted that the impact of a ransomware attack would be extreme or significant. [8] Ransomware is a significant problem for businesses of all sizes. It isn’t just a big business problem.
The exorbitant payout by MGM Resorts brings up several questions: Why are so many companies opting to pay? Is there a tangible benefit? Why is there a lax attitude towards cybersecurity? My research paints a worrying picture: 79% of companies have paid a ransom in recent years [9]. It can seem tempting to pay the ransom because it is easy. Paying the ransom allows organizations immediate access to the encrypted data if nothing goes wrong in the transaction process. Business leaders know their cyber insurance will pay up to their cap and are willing to take the risk. But, with the high reoccurrence rate, the company may lose their insurance, not to mention their insurance premiums may radically increase.
This apathetic attitude towards the issue is concerning and only perpetuates the problem. Research shows a marginal difference in breach-related costs between paying (USD 5.06 million) and not paying (USD 5.17 million) a ransom. The financial incentive to pay is minimal, merely saving 2.2% or USD 110,000 [7].
There appears to be a misconception and a gap in priorities.
These stats show an alarming problem where security is unimportant in a world where cyber threats are as typical as 83% of businesses having at least one breach. If security is not a business enabler, and technology is not a business enabler, you must rethink your business strategy.
Businesses should only pay the ransom if they have no other viable options for survival. Paying is a business decision that must weigh all risks and options to protect customers, shareholders, and employees.
One thing to note is paying a ransom may be illegal. In September 2021, the US Treasury’s Office of Foreign Asset Control (OFAC) warned that companies face legal action when making ransom payments if the individual or nation has been sanctioned or has ties to terrorism. [11]
Given potential legal repercussions and the marginal cost savings, companies should resist paying ransoms. Instead, they should be proactive, viewing security and compliance as business enhancers and investing in their security programs.
Investing in robust security measures reduces risks and fosters a culture emphasizing the importance of cybersecurity, preparing businesses for potential threats, and enabling them to be proactive rather than merely reactive. The importance of investment cannot be stressed enough. Beyond the immediate protective benefits, a robust security program also instills customer trust, showcasing the organization’s commitment to safeguarding data. Over time, this trust can lead to competitive advantages in the marketplace and bolster the company’s reputation as a secure and reliable entity.
Brent Neal, the lead vCISO and principal advisor at Vanguard Technology Group, brings over 25 years of extensive experience in Security, IT, and GRC departments. With expertise in strategy, governance, program development, and compliance, Mr. Neal has paved the way for VTG’s comprehensive services. We specialize in providing holistic consulting, strategic planning, and tailored solutions to meet the unique security needs of various industries. Our expert guidance helps organizations establish a strong security posture, align initiatives with business objectives, and confidently navigate the evolving cybersecurity landscape.
Share our blog and spread cybersecurity knowledge!
Ransomware trends in 2024 reveal escalating threats, evolving attack methods, and critical lessons f
Over the past year, AI has transformed the technology and cybersecurity landscape, introducing urgen
Many companies face challenges in effectively prioritizing and maturing their security domains, such
One of the greatest cyber threats facing businesses today is ransomware, and many are uncertain abou
Introduction In cybersecurity, it’s easy to assume that more security tools would equate to better
Every year, IBM Security publishes a report about the cost of a data breach. The 2023 Cost of Data B
Security Leadership (Virtual CISO)
Program Development & Maturity
Compliance Services
Advisory & Consulting Services
© All Copyright 2023-2024 by Vanguard Technology Group