Cisco Umbrella

Enterprise network security

Threats

The cost of ransomware attacks: Why and how you should protect your data

Author avatar of Rachel AckerlyRachel Ackerly
• 4 minute read
View blog >

As the COVID-19 pandemic ravaged the world in 2020, ransomware attacks grew to epidemic proportions of their own. Almost every day, both large and small companies across every industry — all lacking ransomware protection — were attacked. Now with incidents on the rise, organizations are rushing to implement data protection strategies to reduce their exposure.

By 2031, ransomware is likely to cost victims more than $250 billion annually, with a new attack occurring every 2 seconds.1

But, while everyone can agree that ransomware is a major threat, what are the actual costs that come with a ransomware attack? And, more importantly, what can you do to defend yourself from them?

What is ransomware?

Ransomware is malicious software (malware) used in a cyberattack to encrypt a victim’s data with a key known only to the attacker, rendering the data unusable until a ransom payment (usually cryptocurrency like Bitcoin) is paid by the victim. Ransomware activity has become pervasive, impacting 50% of organizations in 2020.2

Recently, however, ransomware incidents have become even more insidious. In the past, attackers would simply force companies to pay a ransom to unlock data. Today, 70% of occurrences employ double extortion tactics, where attackers exfiltrate and steal sensitive company information to coerce companies to pay even more.3 If payment isn’t made, the attackers leak the data onto the dark web.

The real costs of ransomware attacks

Ransomware has many costs, from the ransom amount to the costs of recovering from the occurrence to the damage to your organization’s brand. All of the costs add up to significant amounts and can take a major toll on your business.

Ransom costs

2020 was a very good year for ransomware attackers. The number of companies willing to pay increased, as did the size of the payouts.

A graphic that reveals three statistics about ransomware attacks in 2020. The first reads "$312,493: The average ammount paid by attack victims - an increase of 171% year-over-year." The second reads: "$10 million: The highest ransom paid by an organization in 2020 - up by $5 million in 2019." The third reads: "58%: The estimated percentage of victims that paid ransoms in 2020."

Remediation costs

Beyond the ransom itself, there are the costs it takes to recover from an attack — including investing in IT resources to rebuild servers and recover data. There are also the costs of the disruption to the business, like lost revenue incurred from downtime.

A graphic that provides three statistics about ransomware attacks in 2020. The first reads: "$207,875: The average cost of a forensic investigation after a ransomware incident in 2020." The second reads: "16 days: The average downtime after a ransomware incident." The third reads: "$283,000: The average loss in downtime, per incident, in 2020."

Intangible costs: more than money

Beyond the direct costs of ransom and remediation, there are the soft costs of PR fiascos, brand erosion, and the reduced confidence of customers and partners. In addition, boards of directors and governments are starting to require immediate reporting of cybersecurity incidents, which take resources and incur more costs. For example, the U.S. Transportation Security Administration (TSA) will require pipeline companies to report incidents within 12 hours.

Using a modern cloud-native security solution for ransomware protection

While ransomware attacks are on the rise — and more costly than ever — there are risk mitigation strategies that you can take to defend against attacks and other cybersecurity threats. Cisco Umbrella, the cloud-native, multi-function security service, unifies firewall, secure web gateway (SWG), DNS-layer security, cloud access security broker (CASB), and threat intelligence into a single cloud service to help businesses of all sizes secure their network against ransomware and cybersecurity threats.

So, how exactly does Cisco Umbrella provide ransomware protection?

Blocks the first phase of attack — malicious internet requests at the DNS layer

Ransomware attackers need to stage internet infrastructure before they can launch an attack. Cisco Umbrella stops ransomware attacks early by blocking internet connections to the malicious sites that serve up ransomware. Cisco Umbrella enforces security at the DNS and IP layers, processing 220 billion internet requests for more than 20,000 businesses every day, preventing users from ever accessing most malicious content sites.

Unifies other security services for robust protection — anywhere and everywhere

With users accessing data and apps both on and off network and on many types of devices, ransomware security needs to be everywhere. Instead of a variety of individual standalone security solutions, Cisco Umbrella combines DNS-layer, firewall, SWG, CASB, and threat intelligence functions into a single cloud service to help businesses of all sizes secure their users, applications, and data, wherever they are.

Leverages unmatched threat intelligence

The best defense is a good offense. Cisco Umbrella uses intelligence from Cisco Talos, one of the largest commercial threat intelligence teams in the world, to offensively discover and block new threats before they become attacks. In addition, backed by more than 300 researchers, Cisco Umbrella uncovers and blocks a broad spectrum of malicious domains, IPs, URLs, and files being used in attacks.

Delivers proven performance against threats

Cisco Umbrella has a track record of tried-and-tested threat detection and security efficacy, backed by third-party validation. AV-TEST, an independent security organization, conducted a study of threat efficacy among leading cloud security vendors. Cisco Umbrella received top marks across the board, with a 96.39% threat detection rate — the highest in the industry.10

Take preventative action to defend your data

Ransomware attacks and their associated costs pose a serious threat to your business. But there are ways to defend against ransomware and mitigate the risks. Cisco Umbrella uses multiple, advanced security functions to provide protection from ransomware and other security threats. Want to learn even more about how to defend your data? Download the Ransomware Defense for Dummies ebook.

Get the Ransomware Defense for Dummies ebook

1 Brave, David, Global Ransomware Damage Costs Predicted to Reach $250 Billion (USD) by 2031, Cyber Security Ventures, June 1, 2021.
2 2021 Cyber security threat trends – phishing, crypto top the list, Cisco, June 1, 2021.
3 Brave, David, Global Ransomware Damage Costs Predicted to Reach $250 Billion (USD) by 2031, Cyber Security Ventures, June 1, 2021.
4 Highlights from the 2021 Unit 42 Ransomware Threat Report, Palo Alto Networks, March 17, 2021.
5 Highlights from the 2021 Unit 42 Ransomware Threat Report, Palo Alto Networks, March 17, 2021.
6 Yeap, Yuen Pin, Why Ransomware Costs Businesses Much More Than Money, Forbes, April 30, 2021.
7 Scroxton, Alex, Average Ransomware Cost Triples, Says Report, Computer Weekly, March 17, 2021.
8 Yeap, Yuen Pin, Why Ransomware Costs Businesses Much More Than Money, Forbes, April 30, 2021.
9 Andrus, Danielle, Ransomware Incidents, Costs On the Rise, and No Target Is Too Small, Benefits Pro, May 5, 2021.
10 DNS-Layer Protection & Secure Web Gateway Security Efficacy Test, AV-TEST, February 2021.

Suggested Blogs