Ransomware Trends and Risks Briefing

June 2021

  • 37% of companies experienced ransomware attacks; 32% paid the ransom to get the data back (Jan-Feb 2021) [1]
  • 40% of reported ransomware attacks were in the U.S.; 29% of the victims recovered less than half of their data after paying a ransom [1]
  • Successful ransomware attacks in 2021 have doubled compared with the same period in 2020 [1] (total ~65,000 in 2020 [2])
  • Recent high-profile victims paid significant ransom demands, e.g., Colonial Pipeline: $4.4M [3]; JBS: $11M [3]; CNA Financial: $40M [4]
  • Total average cost of recovery from a ransomware attack is close to $2M in 2021 [1] (Merck’s recovery from 2017 attack: $1.3B [5])
  • Double extortion: victims’ customers and suppliers also received ransom demands in exchange for destroying their stolen data

Challenges

  • Ransomware criminal ecosystems are getting more sophisticated and cheaper to operate
  • Companies are usually not ready to respond to a ransomware attack; they lack a corporate incident response plan for ransomware

What Should A Company Do?

  1. Conduct an independent assessment by a third-party firm on Corporate Incident Response Readiness for Ransomware in IT, PR, Communication, Legal, Insurance, Law Enforcement, Leadership Team, and Staff Training
  2. Conduct an independent evaluation on your capability in ransom negotiation and payment initiation (if choosing to pay a ransom)
  3. Conduct emergency drills to test and improve the effectiveness of the cyber incident response plan
  4. Independently assess your IT’s capabilities in resiliency, prevention, detection, response, backup/recovery, and investigation
