Wednesday, 23 December 2020 09:30

You’ve heard of Software as a Service – now get ready for Ransomware as a Service

By John Donovan, Managing Director, ANZ at Sophos

Guest Opinion: The ransomware business is booming. In fact, a recent study by Sophos showed that the average global cost of addressing the impact of a ransomware attack, including business downtime, lost orders, operational costs, and more, was US$730,000. This average cost rose to US$1.4 million, almost twice as much, when organisations paid the ransom.

And now ransomware attacks have gone from using highly customised software to a system where it’s become the malevolent equivalent of software as a service – ransomware as a service (RaaS).

These attacks are high volume, low ransom events where the software developers sell their malicious packages (or take a cut of the ransom) to less sophisticated cybercriminals. Those cybercrooks then take a shotgun approach, attacking anything and anyone they can in the hope that a percentage will stick and be forced to pay a fee to have their precious data decrypted. That’s where they make their money.

The state of the ransomware economy

Sophos’ recent report, The State of Ransomware 2020 surveyed 5000 respondents from 26 countries, including 200 people from Australia.

The report found that almost half of Australian companies (48 per cent) were hit by a ransomware attack in the last 12 months, but of those, only 17 per cent of attacks were stopped before the data was encrypted.

In almost three-quarters of ransomware attacks, cybercriminals succeeded in encrypting the data, and in just under a quarter of cases, the attack was stopped before the data was encrypted. This indicates that anti-ransomware technology is having an effect and stopping the bad guys’ attacks before they can cause havoc.

In Australia, 12 per cent of firms hit by a ransomware attack paid up to get back access to their data.

Ransomware – the costs of paying up

While 73 per cent of attacks succeeded in encrypting data, the good news is that 94 per cent of companies suffering an infection managed to get their data back. Globally, 26 per cent got their data back by paying a ransom (that figure is only 12 per cent locally), while just over half recovered their operations via backups. Somewhat mysteriously, 12 per cent globally retrieved their data through other means.

One of the most fascinating aspects of ransomware attacks is that paying up actually doubles the cost! Our research found the average cost globally to remediate a company’s infrastructure after a ransomware attack comes in at $US1,448,458 if the ransom is paid. That figure drops to $US732,520 if the attacked company chooses to not pay up.

This sounds a little counter intuitive. After all, if you’ve paid a ransom, you expect to have your data decrypted and everything will be fine, right?

It doesn’t quite work that way.

Even if an organisation pays up, they’re still going to have to do a lot of work to restore the data. So, what they’re dealing with is the cost of being held hostage, as well as the money required to get everything back to a state of normality.

The fact is that the costs required to recover data and get things up and running again are likely to be the same whether they get data from backups or from the crooks involved. Pay the ransom, and organisations will have another big cost on top.

Dealing with ransomware

The good thing about ransomware as a service is that the scattergun approach means there are lots of copies of the software floating around. This means, unlike bespoke ransomware software, the tools needed to defend against an attack are easily and quickly updated and so if an organisation has anti-ransomware software on their network, they’ll generally be protected.

The key here is to have the crucial elements in place. First, start with the assumption that an organisation will be hit and plan a cybersecurity strategy accordingly based on that idea. Preparation is the best defence. Organisations should also invest in anti-ransomware technology – according to our survey, 24 per cent of companies attacked were able to stop the attack with the right technology they had in place before it could have an effect.

It’s also wise to protect your data wherever it’s held. Ransomware doesn’t discriminate, and attackers can hold data that’s in the public cloud as easily as it does on-premises. Organisations should have regular backups in place and store data offsite and offline, so that if they are hit, they can recover as quickly as possible and get back to business as usual.

The ransomware landscape is changing. RaaS is the new normal, but with the right defences and a cybersecurity plan in place, companies can keep their business intact – and avoid the costs and disruption of a ransomware attack.

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News