Beyond the bottom line: The unseen costs of ransomware

Ransomware has dominated the headlines for the past two years. As a result, most are well aware that successful attacks can be — and often are — financially devastating for businesses. Typically, these conversations centre around the monetary cost of ransom and whether it is a worthwhile expense for businesses to pay.

Ransomware attacks remain a significant and frequent threat to businesses. According to Veeam’s Data Protection Trends Report 2024, 76% of businesses fell victim to at least one attack last year. More attention should be paid to the less immediately obvious impacts organisations face, such as employee burnout, cost to consumers, and more. Businesses need to be aware of what these costs can look like.

The ransomware economy

These days, most people recognise that ransomware is, unfortunately, a fact of life for modern businesses and organisations of all sizes. However, less attention is paid to the wider impacts of so many businesses facing financial losses as a result of ransomware attacks. Ransomware is not just a business challenge; it’s a significant macroeconomic factor.

Ransomware is driving inflation. Veeam commissioned a survey of UK business leaders, which found that almost all businesses raised their prices to customers in the wake of a ransomware attack, with 68% having to increase their prices by 11% or more. At the time, inflation in the UK was at a rate of 4.6%, which makes it clear that ransomware has a huge potential to disrupt the economy — more so than other key market factors.

This puts businesses in an even more difficult position. At a time when consumers increasingly demand that businesses keep their data safe, they’re also demanding that businesses offer accessible prices as the costs of living spiral. Ransomware is making both of these a serious challenge. If businesses want to keep their customers, they need to keep their data safe so they can keep their costs down.

Financing crime

It’s easy to forget that cybercrime is an industry in itself. While many cyberattacks do come from lone amateur hackers, most often the attacks with the widest-ranging impacts come from organised groups. Though it can feel strange to think of them as such, given they are criminals, cyberattackers are increasingly professionalised, and their strategy is to extort their victims for as much money as possible.

An example of this is the Rhysida group, which in October 2023 claimed the British Library in a high-profile attack from which the organisation has yet to fully recover. At the same time, the group — which has also hit organisations in Europe, the Middle East, and South America — crippled the systems of the Toronto Public Library.

While it’s understandable to be tempted to pay a ransom during the chaos of an attack, doing so finances crime. Your organisation’s payment will give these groups the resources to attack other businesses, public services, and critical national infrastructure.

Attacking a library of global significance sounds alarm bells, but when critical national infrastructure is attacked, lives are endangered. For example, earlier this year, more than one hundred Romanian healthcare facilities were hit by a ransomware attack. Fortunately, the majority of these hospitals were prepared with recent data backups, meaning that systems could get up and running quicker than otherwise, limiting the impact on patients.

This highlights the importance of nailing your backup and recovery strategy to not only stop ransomware attackers in their tracks but also to break the payment chain.

Building resilience

If your business falls victim to a ransomware attack, it will cost you. For the worst attacks, the financial costs are huge and wide-ranging — including the cost of downtime, legal costs, reputation management, and the cost of recovering data. Separate from this, you also stand to lose not only customers but employees too, as the mental health consequences of working for an attacked organisation can push employees to seek other roles.

The best way (in fact, the only way) to protect your business against the range of costs associated with ransomware attacks is to nail your backup and recovery strategy so attackers don’t get a look in. While ransomware is an inevitability for most modern organisations, catastrophe isn’t.

The best way to develop a robust backup strategy is by following the enhanced 3-2-1 backup rule, which becomes the 3-2-1-1-0 rule. This requires three copies of data, across two different media types, with one copy offsite, one copy immutable, offline and air-gapped, and all of this data with zero errors. By making sure that you have several error-free backups across different media and locations, you can ensure that even if hackers get their hands on one of your backups, you’ll always have a clean copy to recover from.
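As an added illustration (not code from the article or from any vendor), the sketch below audits a backup inventory against each clause of the 3-2-1-1-0 rule and reports which ones fail. The field names and the sample inventories are constructed, and two readings are assumptions: "offline" stands for air-gapped, and a copy that has never been restore-tested counts against the zero-errors clause.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class BackupCopy:            # hypothetical inventory record
    name: str
    media: str               # e.g. "disk", "tape", "object-storage"
    offsite: bool
    immutable: bool
    offline: bool            # air-gapped: unreachable from the production network
    verify_errors: Optional[int]  # errors in last restore test; None = never tested

def audit_3_2_1_1_0(copies):
    """Return a list of rule violations; an empty list means the inventory passes."""
    findings = []
    if len(copies) < 3:
        findings.append(f"3: need 3 copies, found {len(copies)}")
    media = {c.media for c in copies}
    if len(media) < 2:
        findings.append(f"2: need 2 media types, found {sorted(media)}")
    if not any(c.offsite for c in copies):
        findings.append("1: no offsite copy")
    # Assumption: one and the same copy must be immutable AND offline.
    if not any(c.immutable and c.offline for c in copies):
        findings.append("1: no copy is both immutable and offline/air-gapped")
    for c in copies:
        if c.verify_errors is None:
            findings.append(f"0: {c.name} has never been restore-tested")
        elif c.verify_errors > 0:
            findings.append(f"0: {c.name} last verification had {c.verify_errors} errors")
    return findings

# Constructed sample: three copies that look adequate but fail two clauses.
INVENTORY = [
    BackupCopy("primary-repo", "disk", False, False, False, 0),
    BackupCopy("cloud-bucket", "object-storage", True, True, False, None),
    BackupCopy("replica-nas", "disk", False, False, False, 2),
]

# Constructed sample: the same estate after adding a vaulted tape and testing restores.
HARDENED = [
    INVENTORY[0],
    BackupCopy("cloud-bucket", "object-storage", True, True, False, 0),
    BackupCopy("vault-tape", "tape", True, True, True, 0),
]

if __name__ == "__main__":
    for label, inv in (("current", INVENTORY), ("hardened", HARDENED)):
        print(label, audit_3_2_1_1_0(inv) or "PASS")
```

The first inventory has three copies on two media with one offsite, yet still fails: its only immutable copy is online, one copy is untested and one has verification errors.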

Fundamentally, to keep your costs under control, you need to make sure it isn’t worthwhile for hackers to spend their time and resources trying to break in and steal your data. While you can’t remove the possibility of a ransomware attack, you can take its power away.