The pandemic has led to a dramatic increase in ransomware attacks globally. And getting targeted now can be expensive and disruptive, especially at a time when additional disturbances may be particularly hard to absorb.
Estimates put the cost of ransomware to the U.S. economy alone at $1.3 trillion in 2020.1 By some measures, that U.S. total in 2021 could run to $6 trillion, including downtime, with the possibility of an attack happening every 11 seconds on average.2
But there is much you can do right now to protect your firm and help safeguard personal information and wealth.
The rise of ransomware attacks
Beginning last year, as the coronavirus raged, many people began working from home in cyber environments often less secure than their offices could provide. Since then, many businesses have been forced to become more digital in how they interact with customers.
Just in 2021 year-to-date, ransomware attacks have risen as much as 485% over 2020.3 At J.P. Morgan, we have seen a marked uptick in clients victimized by ransomware attacks. Often, it’s because their firms lacked the right safeguards to stop ransomware invasions. And even as employees have begun returning to offices, cybercriminals continue to target businesses with ransomware.
Businesses across the globe of all types and sizes have fallen victims to ransomware attacks. But the most frequently targeted are currently companies in the oil & gas infrastructure, healthcare and education industries. Also, as many regions do not require reporting of cyber attacks, and businesses everywhere are reluctant to reveal ransomware attacks, reported numbers are likely a small portion of actual cases.
The real costs of a cyber ransom
Many organizations prefer to keep ransomware attacks private because being a target can lead to loss of reputation, require expensive public relations efforts and strain relations with valued stakeholders.
The additional toll on the business leaders and the organizations’ clients should not be underestimated.
As for potential financial losses, McAfee predicts that attackers will increasingly target home-workers in order to compromise their employers, while monetary demands often run into the millions and are rising.4 Beyond any ransom paid, the cost of cleaning up and remediating a ransomware more than doubled from an average of over $761,000 in 2020 to $1.85 million in 2021.5 This figure includes downtime, technical remediation and reputational damage.
Moreover, ransomware insurance, even if you keep it up-to-date and are in full compliance with its terms, is unlikely to cover all costs.
How to protect yourself against ransomware
Prevention is your best defense. Here are the critical steps in any good plan:
1) Know the enemy
Ransomware is a form of malware that typically works to deny a company’s access to its own critical systems or data files until a ransom is paid. In recent twists on this basic playbook, cybercriminals have threatened to release sensitive information unless a ransom is paid.
Infiltration comes through a number of avenues; one of the top ways is through phishing emails that, seemingly from legitimate vendors or contacts, entice users to click on a link or attachment.
Once in a system, ransomware can lie undetected in an organization’s systems for days, even months, collecting information before a successful attack is launched and ransom demanded. Personal as well as business information can be compromised.
Criminals typically demand to be paid in cryptocurrency, such as bitcoin, as they seek to stay anonymous.
2) Stay ready
- Ensure that you’re staying up-to-date on the latest software releases, which include essential security patches and address known vulnerabilities.
- Back up data regularly.
- Establish a business incident response team to include business representatives, Technology, Operations, Communications and Legal prior to any incident to address business and regulatory issues.
- Prioritize critical business functions in a disaster recovery plan, should an incident still occur.
- Maintain data and operations contingency plans so your company can operate if attacked. This may include partnering with outside specialists who can help you navigate a ransomware incident.
3) Rally troops
We cannot overemphasize the importance of everyone in your organization remaining vigilant. Help them by:
- Instituting ongoing cyber educational programs that include a variety of cyber awareness exercises (e.g., phishing simulations, regular training).
- Informing and reminding them where they can report suspicious activities and emails.
4) Test your readiness
- Conduct regular cyber assessments and routine monitoring to understand your vulnerabilities or cyber risks.
- Mobilize the business incident response team and call upon your partners to quickly address and mitigate paying any ransom.
- Use the disaster recovery plan established to minimize potential downtime and loss.
- Contact the FBI and law enforcement, who often have specially trained cyber squads. Rapid reporting can help support the potential recovery of lost funds.
In the news?
Ransomware is in the headlines daily. If a company with which you do business is compromised, don’t wait; take immediate action.
Protect yourself, separate from whatever that company does. Before you are also a victim of a cyberattack, change your password at all the sites at which you have used that same password, and contact every financial institution with which you do business to tell them your information or credentials may have been compromised.
If you live in the United States, we also suggest freezing your credit with all the major credit agencies so that fraudsters cannot open new accounts in your name. Consider placing alerts on existing accounts to watch for unauthorized activity. Compromised credentials can cost you a lot.
We can help
For more information on how you can better protect your business from a ransomware attack, please review "The Anatomy of a Ransomware Attack."
If you want to learn more about the other cyber threats and how you can protect yourself, please reach out to your J.P. Morgan team member for our educational tips sheets or to schedule a cyber education session.