While 85% were offline for a week or more, a third of the businesses surveyed had to cope with affected systems being unavailable for more than a month, with 15% reporting that the data which had been encrypted by the ransomware was not recoverable.
Ransomware is malicious code that infects largely Windows computers and encrypts files based on what instructions are in its code. It then displays a ransom note when the user logs in and instructs them how much to pay — mostly in Bitcoin — and where the payment can be made.
The survey, conducted by managed cloud service provider Timico and business continuity solutions provider Datto between 30 January and 3 February, collected data from representatives of 1000 businesses, with half being small and medium enterprises and the other half being large corporations.
|
|
The Internet of #Ransomware Things ...[Infographic]#IoT #IoTsecurity #CyberAttacks #CyberCrime pic.twitter.com/dhiHoYqR9R
— ipfconline (@ipfconline1) February 21, 2017
The survey found that the ransom demands were rising. About 23% of the businesses surveyed paid more than £5000 (approximately $8105) to retrieve their data while 26% paid between £3000 and £5000.
Large corporates paid higher ransoms, with a third of the corporates paying more than £5000 while 15% of SMEs faced similar demands. The most common demand from SMEs (35%) was between £500 and £1500.
The businesses surveyed did not have a ready means of computing what the ransomware attacks had cost them, with 29% saying it was "unquantifiable". But 53% said the downtime of data systems had cost their organisations between 1000 and 2000 a day in lost revenue.
Nearly two-thirds of the businesses had no policy in place to tackle ransomware attacks, leaving staff at a loss as to what should be done in the event of an attack.
Timico chief digital officer Nabeil Samara said the findings showed that ransomware could act speedily and leave far-reaching effects on an organisation.
"It’s not just a case of the data loss and financial cost to the business. A ransomware attack can have a debilitating effect, with long-term consequences across the business, with the company even breaching terms of any regulatory bodies that the business holds themselves accountable to," Samara said.
"The (British ) Government has now launched its The Cyber Schools Programme but education needs to extend beyond the classroom and into the workplace. It's critical that all organisations, no matter what size, acknowledge the increasing and evolving threat of ransomware as attacks become ever more frequent and instil a policy, that is regularly updated, to educate staff on what to do if the business comes under attack.
"Protection and communication are key to the difference between success or failure and will save the business infinite costs in the long run."
Datto managing director Andrew Stuart said the high quantity of ransomware strains and their evolving nature meant traditional signature-based anti-virus solutions were not effective against the threat.
"A back-up and disaster recovery solution which utilises the cloud can effectively defend against ransomware," he said. "This creates regular encrypted back-ups of your data, and maintains prior versions.
"In the case of a ransomware attack, businesses can easily 'roll back' their data to an uninfected version, so no ransom needs to be paid. And, of course, this second copy has the added benefit of preventing data loss via accidental deletion."
