If your company is worried about the financial hit of paying a ransom to cybercriminals after a ransomware attack, wait until they find out the true cost of the attack, because the total cost of recovering from it is likely to be much, much higher.

That’s the finding of a new study by researchers at Check Point, who discovered that the average total cost of a ransomware attack is more than seven times higher than the average ransom paid.

While media reports often focus on the amount paid by businesses to their ransomware extortionists, there are many other financial considerations to take into account – including the cost associated with incident response and restoration of systems, legal fees, and monitoring costs.

When you take those into consideration, it is clear that there are much more significant costs than that of paying the ransom itself.

Looking at a wealth of information leaked from the Conti ransomware group, the Check Point researchers found evidence of ever-increasing professionalism from the criminal gangs in their attempt to make as much money as possible from their victims:

“Ransomware gangs are alarmingly similar to legitimate organizations with clear management structures and HR policies. The sophistication of these ransomware groups even extends to the targeting of victims and how a ransom figure is decided as well as the negotiation techniques they use to exact maximum financial gain.”

Ransomware operators have become sophisticated negotiators – recognising that “offering a big discount to a victim simply because the initial asking price was far too high, could compromise future operations if other victims got to find out about it.”

The notorious Conti cybercrime group, for instance, will consult public sources such as ZoomInfo and DNB to determine a corporate victim’s annual revenue, and adjust