The scope of the threat
Intermedia commissioned an independent research firm to conduct a survey of nearly 300 IT experts about the crypto-ransomware threat. The survey respondent panel was carefully screened to include experts that consult with businesses of all sizes on setting up and maintaining IT infrastructures. These are the men and women who are on the front line of business IT challenges such as ransomware.
The full results of the survey are available in Intermedia’s 2016 Crypto-Ransomware Study. This report will focus on three key findings: 1) The biggest cost to businesses is downtime, not the ransom payment; 2) Ransomware is targeting bigger businesses and spreading within corporate networks; and 3) A widespread lack of business continuity planning is what makes ransomware so dangerous (and so lucrative for criminals).
Paying ransom is the least of your worries
When asked to name the business impact of ransomware outbreaks that these consultants have assisted with first-hand, they listed the actual cost of the ransom last. In other words, contrary to popular belief, the actual ransom payment is far from the worst damage caused by ransomware.
Downtime lasts for days
A computer that is discovered to have ransomware must immediately be isolated from the corporate network in the event the malware is programmed to spread. This leaves users without access to their computer while IT contains the virus and restores the device. But even if they can get to their files through alternate devices, the files themselves are encrypted and thus unusable.
There are business continuity solutions for ransomware (more on that below), but the survey results suggest that few businesses have any solution in place: 72% of business users lost access to data for at least two days, and 32% lost access for five days or more.