• Skip to primary navigation
  • Skip to main content
  • Skip to footer

Cisco Umbrella

Enterprise network security

  • Contact Sales
  • Login
    • Umbrella Login
    • Cloudlock Login
  • Why Us
    • Why Cisco Umbrella
      • Why Try Umbrella
      • Why DNS Security
      • Why Umbrella SASE
      • Our Customers
      • Customer Stories
      • Why Cisco Secure
    • Fast Reliable Cloud
      • Global Cloud Architecture
      • Cloud Network Status
      • Global Cloud Network Activity
    • Unmatched Intelligence
      • A New Approach to Cybersecurity
      • Interactive Intelligence
      • Cyber Attack Prevention
      • Umbrella and Cisco Talos Threat Intelligence
    • Extensive Integrations
      • IT Security Integrations
      • Hardware Integrations
      • Meraki Integration
      • Cisco Umbrella and SecureX
  • Products
    • Cisco Umbrella Products
      • Cisco Umbrella Cloud Security Service
      • Recursive DNS Services
      • Cisco Umbrella SIG
      • Umbrella Investigate
      • What’s New
    • Product Packages
      • Cisco Umbrella Package Comparison
      • – DNS Security Essentials Package
      • – DNS Security Advantage Package
      • – SIG Essentials Package
      • – SIG Advantage Package
      • Umbrella Support Packages
    • Functionality
      • DNS-Layer Security
      • Secure Web Gateway
      • Cloud Access Security Broker (CASB)
      • Cloud Data Loss Prevention (DLP)
      • Cloud-Delivered Firewall
      • Cloud Malware Protection
      • Remote Browser Isolation (RBI)
    • Man on a laptop with headphones on. He is attending a Cisco Umbrella Live Demo
  • Solutions
    • SASE & SSE Solutions
      • Cisco Umbrella SASE
      • Secure Access Service Edge (SASE)
      • What is SASE
      • What is Security Service Edge (SSE)
    • Functionality Solutions
      • Web Content Filtering
      • Secure Direct Internet Access
      • Shadow IT Discovery & App Blocking
      • Fast Incident Response
      • Unified Threat Management
      • Protect Mobile Users
      • Securing Remote and Roaming Users
    • Network Solutions
      • Guest Wi-Fi Security
      • SD-WAN Security
      • Off-Network Endpoint Security
    • Industry Solutions
      • Government and Public Sector Cybersecurity
      • Financial Services Security
      • Cybersecurity for Manufacturing
      • Higher Education Security
      • K-12 Schools Security
      • Healthcare, Retail and Hospitality Security
      • Enterprise Cloud Security
      • Small Business Cybersecurity
  • Resources
    • Content Library
      • Top Resources
      • Cybersecurity Webinars
      • Events
      • Research Reports
      • Case Studies
      • Videos
      • Datasheets
      • eBooks
      • Solution Briefs
    • International Documents
      • Deutsch/German
      • Español/Spanish
      • Français/French
      • Italiano/Italian
      • 日本語/Japanese
    • Security Definitions
      • What is Secure Access Service Edge (SASE)
      • What is Security Service Edge (SSE)
      • What is a Cloud Access Security Broker (CASB)
      • Cyber Threat Categories and Definitions
    • For Customers
      • Support
      • Customer Success Webinars
      • Cisco Umbrella Studio
  • Trends & Threats
    • Market Trends
      • Hybrid Workforce
      • Rise of Remote Workers
      • Secure Internet Gateway (SIG)
    • Security Threats
      • How to Stop Phishing Attacks
      • Malware Detection and Protection
      • Ransomware is on the Rise
      • Cryptomining Malware Protection
      • Cybersecurity Threat Landscape
      • Global Cyber Threat Intelligence
    •  
    • Woman connecting confidently to any device anywhere
  • Partners
    • Channel Partners
      • Partner Program
      • Become a Partner
    • Service Providers
      • Secure Connectivity
      • Managed Security for MSSPs
      • Managed IT for MSPs
    •  
    • Person looking down at laptop. They are connecting and working securely
  • Blog
    • News & Product Posts
      • Latest Posts
      • Products & Services
      • Customer Focus
      • Feature Spotlight
    • Cybersecurity Posts
      • Security
      • Threats
      • Cybersecurity Threat Spotlight
      • Research
    •  
    • Register for a webinar - with illustration of connecting securely to the cloud
  • Contact Us
  • Umbrella Login
  • Cloudlock Login
  • Free Trial
Threats

The cost of ransomware attacks: Why and how you should protect your data

Author avatar of Rachel AckerlyRachel Ackerly
August 10, 2021 • 4 minute read
View blog >

As the COVID-19 pandemic ravaged the world in 2020, ransomware attacks grew to epidemic proportions of their own. Almost every day, both large and small companies across every industry — all lacking ransomware protection — were attacked. Now with incidents on the rise, organizations are rushing to implement data protection strategies to reduce their exposure.

By 2031, ransomware is likely to cost victims more than $250 billion annually, with a new attack occurring every 2 seconds.1

But, while everyone can agree that ransomware is a major threat, what are the actual costs that come with a ransomware attack? And, more importantly, what can you do to defend yourself from them?

What is ransomware?

Ransomware is malicious software (malware) used in a cyberattack to encrypt a victim’s data with a key known only to the attacker, rendering the data unusable until a ransom payment (usually cryptocurrency like Bitcoin) is paid by the victim. Ransomware activity has become pervasive, impacting 50% of organizations in 2020.2

Recently, however, ransomware incidents have become even more insidious. In the past, attackers would simply force companies to pay a ransom to unlock data. Today, 70% of occurrences employ double extortion tactics, where attackers exfiltrate and steal sensitive company information to coerce companies to pay even more.3 If payment isn’t made, the attackers leak the data onto the dark web.

The real costs of ransomware attacks

Ransomware has many costs, from the ransom amount to the costs of recovering from the occurrence to the damage to your organization’s brand. All of the costs add up to significant amounts and can take a major toll on your business.

Ransom costs

2020 was a very good year for ransomware attackers. The number of companies willing to pay increased, as did the size of the payouts.

A graphic that reveals three statistics about ransomware attacks in 2020. The first reads "$312,493: The average ammount paid by attack victims - an increase of 171% year-over-year." The second reads: "$10 million: The highest ransom paid by an organization in 2020 - up by $5 million in 2019." The third reads: "58%: The estimated percentage of victims that paid ransoms in 2020."

Remediation costs

Beyond the ransom itself, there are the costs it takes to recover from an attack — including investing in IT resources to rebuild servers and recover data. There are also the costs of the disruption to the business, like lost revenue incurred from downtime.

A graphic that provides three statistics about ransomware attacks in 2020. The first reads: "$207,875: The average cost of a forensic investigation after a ransomware incident in 2020." The second reads: "16 days: The average downtime after a ransomware incident." The third reads: "$283,000: The average loss in downtime, per incident, in 2020."

Intangible costs: more than money

Beyond the direct costs of ransom and remediation, there are the soft costs of PR fiascos, brand erosion, and the reduced confidence of customers and partners. In addition, boards of directors and governments are starting to require immediate reporting of cybersecurity incidents, which take resources and incur more costs. For example, the U.S. Transportation Security Administration (TSA) will require pipeline companies to report incidents within 12 hours.

Using a modern cloud-native security solution for ransomware protection

While ransomware attacks are on the rise — and more costly than ever — there are risk mitigation strategies that you can take to defend against attacks and other cybersecurity threats. Cisco Umbrella, the cloud-native, multi-function security service, unifies firewall, secure web gateway (SWG), DNS-layer security, cloud access security broker (CASB), and threat intelligence into a single cloud service to help businesses of all sizes secure their network against ransomware and cybersecurity threats.

So, how exactly does Cisco Umbrella provide ransomware protection?

Blocks the first phase of attack — malicious internet requests at the DNS layer

Ransomware attackers need to stage internet infrastructure before they can launch an attack. Cisco Umbrella stops ransomware attacks early by blocking internet connections to the malicious sites that serve up ransomware. Cisco Umbrella enforces security at the DNS and IP layers, processing 220 billion internet requests for more than 20,000 businesses every day, preventing users from ever accessing most malicious content sites.

Unifies other security services for robust protection — anywhere and everywhere

With users accessing data and apps both on and off network and on many types of devices, ransomware security needs to be everywhere. Instead of a variety of individual standalone security solutions, Cisco Umbrella combines DNS-layer, firewall, SWG, CASB, and threat intelligence functions into a single cloud service to help businesses of all sizes secure their users, applications, and data, wherever they are.

Leverages unmatched threat intelligence

The best defense is a good offense. Cisco Umbrella uses intelligence from Cisco Talos, one of the largest commercial threat intelligence teams in the world, to offensively discover and block new threats before they become attacks. In addition, backed by more than 300 researchers, Cisco Umbrella uncovers and blocks a broad spectrum of malicious domains, IPs, URLs, and files being used in attacks.

Delivers proven performance against threats

Cisco Umbrella has a track record of tried-and-tested threat detection and security efficacy, backed by third-party validation. AV-TEST, an independent security organization, conducted a study of threat efficacy among leading cloud security vendors. Cisco Umbrella received top marks across the board, with a 96.39% threat detection rate — the highest in the industry.10

Take preventative action to defend your data

Ransomware attacks and their associated costs pose a serious threat to your business. But there are ways to defend against ransomware and mitigate the risks. Cisco Umbrella uses multiple, advanced security functions to provide protection from ransomware and other security threats. Want to learn even more about how to defend your data? Download the Ransomware Defense for Dummies ebook.

Get the Ransomware Defense for Dummies ebook

1 Brave, David, Global Ransomware Damage Costs Predicted to Reach $250 Billion (USD) by 2031, Cyber Security Ventures, June 1, 2021.
2 2021 Cyber security threat trends – phishing, crypto top the list, Cisco, June 1, 2021.
3 Brave, David, Global Ransomware Damage Costs Predicted to Reach $250 Billion (USD) by 2031, Cyber Security Ventures, June 1, 2021.
4 Highlights from the 2021 Unit 42 Ransomware Threat Report, Palo Alto Networks, March 17, 2021.
5 Highlights from the 2021 Unit 42 Ransomware Threat Report, Palo Alto Networks, March 17, 2021.
6 Yeap, Yuen Pin, Why Ransomware Costs Businesses Much More Than Money, Forbes, April 30, 2021.
7 Scroxton, Alex, Average Ransomware Cost Triples, Says Report, Computer Weekly, March 17, 2021.
8 Yeap, Yuen Pin, Why Ransomware Costs Businesses Much More Than Money, Forbes, April 30, 2021.
9 Andrus, Danielle, Ransomware Incidents, Costs On the Rise, and No Target Is Too Small, Benefits Pro, May 5, 2021.
10 DNS-Layer Protection & Secure Web Gateway Security Efficacy Test, AV-TEST, February 2021.

Suggested Blogs

  • Cybersecurity Threat Spotlight: Emotet, RedLine Stealer, and Magnat Backdoor February 3, 2022 5 minute read
  • Using DNS-layer security to detect and prevent ransomware attacks August 12, 2021 6 minute read
  • Keeping your crypto safe as cryptocurrency phishing attacks soar April 27, 2021 4 minute read

Share this blog

FacebookTweetLinkedIn

Follow Us

  • Twitter
  • Facebook
  • LinkedIn
  • YouTube

Footer Sections

What we make

  • Cloud Security Service
  • DNS-Layer Network Security
  • Secure Web Gateway
  • Security Packages

Who we are

  • Global Cloud Architecture
  • Cloud Network Status
  • Cloud Network Activity
  • OpenDNS is now Umbrella
  • Cisco Umbrella Blog

Learn more

  • Webinars
  • Careers
  • Support
  • Cisco Umbrella Live Demo
  • Contact Sales
Umbrella by Cisco
208.67.222.222+208.67.220.220
2620:119:35::35+2620:119:53::53
Sign up for a Free Trial
  • Cisco Online Privacy Statement
  • Terms of Service
  • Sitemap

© 2023 Cisco Umbrella