The pandemic has led to a dramatic increase in ransomware attacks globally. And getting targeted now can be expensive and disruptive, especially at a time when additional disturbances may be particularly hard to absorb.
Estimates put the cost of ransomware to the U.S. economy alone at $7.5 billion in 2019.1 By some measures, that U.S. total for 2020 could run to $1.3 trillion, including downtime. The worldwide 2020 total could be as high as $25 trillion.2
But there is much you can do, right now, to protect your firm and help safeguard personal information and wealth.
Explosion in ransomware
This year, as the coronavirus raged, many people have worked from home in cyber environments often less secure than their offices could provide. Moreover, many businesses were forced to become more digital in how they interacted with customers.
Little surprise, then, that year-to-date, ransomware attacks have risen as much as 715% over 2019.3 At J.P. Morgan, we have seen a marked uptick in clients victimized by ransomware attacks. Often, it’s because their firms lacked the right safeguards to stop ransomware invasions.
Targets include businesses of all types and sizes—in all regions. But the most frequently targeted are currently companies in the oil & gas, healthcare and education industries. Also, as many regions do not demand reporting, and businesses everywhere are reluctant to reveal ransomware attacks, reported numbers are likely a small portion of actual cases.
The real costs of a cyber ransom
Many organizations prefer to keep ransomware attacks private because being a target can lead to loss of reputation, require expensive public relations efforts and strain relations with valued stakeholders.
The additional toll on the business leaders and the organizations’ clients should not be underestimated.
As for potential financial losses, estimates now put the average ransom payment at about $178K.4 But monetary demands often run into the millions and they’re rising. Beyond any ransom paid, the cost of cleaning up and remediating a ransomware attack can average more than $620K.5 This figure does not include downtime, technical remediation and reputational damage.
Moreover, ransomware insurance, even if you keep it up to date and are in full compliance with its terms, is unlikely to cover all costs.
Prepare for battle
Prevention is your best defense. Here are the critical steps in any good plan:
1) Know the enemy
Ransomware is a form of malware that typically works to deny a company’s access to its own critical systems or data files until a ransom is paid. In recent twists on this basic playbook, cybercriminals have threatened to release sensitive information unless a ransom is paid.
Infiltration comes through a number of avenues; one of the top ways is through phishing emails that, seemingly from legitimate vendors or contacts, entice users to click on a link or attachment.
Once in a system, ransomware can lie undetected in an organization’s systems for days, even months, collecting information before a successful attack is launched and ransom demanded. Personal as well as business information can be compromised.
Criminals typically demand to be paid in cryptocurrency, such as bitcoin, as they seek to stay anonymous.
2) Stay ready
- Ensure that you’re staying up to date on the latest software releases, which include essential security patches and address known vulnerabilities.
- Back up data regularly.
- Establish a business incident response team to include business representatives, Technology, Operations, Communications and Legal prior to any incident to address business and regulatory issues.
- Prioritize critical business functions in a disaster recovery plan, should an incident still occur.
- Maintain data and operations contingency plans so your company can operate if attacked. This may include partnering with outside specialists who can help you navigate a ransomware incident.
3) Rally troops
We cannot overemphasize the importance of everyone in your organization remaining vigilant. Help them by:
- Instituting ongoing cyber educational programs that include a variety of cyber awareness exercises (e.g., phishing simulations, regular training).
- Informing and reminding them where they can report suspicious activities and emails.
4) Test your readiness
- Conduct regular cyber assessments and routine monitoring to understand your vulnerabilities or cyber risks.
- Mobilize business incident response team and call upon your partners to quickly address and mitigate paying any ransom.
- Use the disaster recovery plan established to minimize potential downtime and loss.
- Contact the FBI and law enforcement who often have specially trained cyber squads. Rapid reporting can help support the potential recovery of lost funds.
In the news?
Ransomware is in the headlines daily. If a company with which you do business is compromised, don’t wait; take immediate action.
Protect yourself, separate from whatever that company does. Change your password at all sites you have used that same password, and contact every financial institution with which you do business to tell them your information or credentials may have been compromised, before you are also a victim of a cyberattack.
If you live in the United States, we also suggest freezing your credit with the three major credit agencies so that fraudsters cannot open new accounts in your name. Consider placing alerts on existing accounts to watch for unauthorized activity. Compromised credentials can cost you a lot.
We can help
For more information on how you can better protect your business from a ransomware attack, please review "The Anatomy of a Ransomware Attack."
If you want to learn more about the other cyber threats and how you can protect yourself, please reach out to your J.P. Morgan team member for our educational tips sheets or schedule a cyber education session.
1“Ransomware may have cost the US more than $7.5 billion in 2019,” MIT Technology review, Jan. 2, 2020. https://technologyreview.com/2020/01/02/131035/ransomware-may-have-cost-the-us-more-than-75-billion-in-2019/
3Numbers tend to be U.S.-centric, as transparency tends to be higher there. www.zdnet.com/article/ransomware-huge-rise-in-attacks-this-year-as-cyber-criminals-hunt-bigger-pay-days/