Downtime is a key cost of ransomware attacks

The cost of downtime due to lack of access to systems for customers and employees was the biggest business impact of a ransomware attack according to 59 percent of respondents to a new survey.

The study from cyber security company Imperva also shows that 32 percent of respondents say their company has been infected with ransomware with 11 percent taking longer than a week to regain access to their systems after an attack.

"Whether companies choose to pay the extortion or not, the real cost of ransomware is downtime and lost productivity," says Terry Ray, chief product strategist at Imperva. "Even if victims have backup files or are willing to pay the ransom, the cost associated with productivity downtime adds up quickly. What's more, the availability of ransomware-as-a-service, combined with high profits for the attackers, means ransomware attacks are likely to escalate in 2017."

A worrying 21 percent of respondents say they would be willing to pay a ransom to avoid downtime. Perhaps not so surprising when 29 percent say that if their company suffered a ransomware attack which resulted in downtime, they would be losing between $5,000 and $20,000 a day. 27 percent thought that the amount could be over $20,000 a day.

"The interesting thing about ransomware is how simple it is to execute and how easy it is to inflict damage. Organizations tend to think of hacking as though it was rocket science which always puts them on the losing end. The reality is that hacking is most often simple, and mitigating it requires proper attention and tools which do exist and are within reach of most enterprises. Hacking is a serious business and enterprises should, therefore, treat information security seriously," Ray concludes.

You can read more about the findings on the Imperva blog.

Photo credit: wsf-s / Shutterstock