Your company’s ability to tackle the ransomware threat head-on can ultimately be a competitive advantage

“Everybody has a plan until they get punched in the mouth.”
Mike Tyson’s punchy (pun intended) adage rings all too true for organizations reeling from a ransomware attack. In recent years, ransomware has proven capable of bringing even a thriving business to its knees in a matter of hours, and it’s safe to say that it will continue to sucker-punch organizations of all stripes, testing their cyber-mettle and contingency plans in ways few other threats can match.
There’s no shortage of data and actual incidents to bear this out. According to Verizon’s 2024 Data Breach Investigations Report, one-third of all data breaches involve ransomware or another extortion technique. "Ransomware was a top threat across 92% of industries," reads the report.
Even more concerning is that this threat may not come alone; it can also be integrated with supply chain attacks, as seen in the Kaseya incident in 2021, where malicious actors exploited vulnerabilities in IT management systems to widely propagate ransomware across organizations worldwide.
Bruised and battered
When news of a ransomware attack breaks, headlines often focus on the enormous ransom amounts and the debate over whether or not to pay. However, what is often overlooked is the psychological trauma faced by organizations and their employees, especially if the attack involves data exfiltration and threats to disclose the data publicly.
When systems go down, businesses don't just "pause." Instead, they lose revenue, business opportunities, and reputation with every passing second. The damage spreads rapidly as recovery takes days or even months. Although the concept of ransomware seems simple—encrypt critical business data and demand payment for its release—the ensuing consequences are complex, impacting operations, finances, and reputation.
Again, there is ample data to show that a successful ransomware incident costs victims dearly. IBM’s Cost of a Data Breach Report 2024, for example, puts the average cost of recovery from such an attack at close to US$5 million.

Throwing a lifeline
Generally, organizations that fall victim to ransomware have three main avenues for survival:
- Recovering systems from backups.
- Using decryption tools obtained from security researchers (e.g., the No More Ransom project, in which ESET participates).
- Paying the ransom to get a decryption tool.
But what if all three of these options fail?
In many cases, hackers plan to compromise backup systems first, then release ransomware into the production environment. This means that even if you have backups, they might also be encrypted. Decryption tools from researchers are not always immediately available, and sometimes they don't work with all strains of ransomware.
The last resort is "paying the ransom." Besides the risk of legal or regulatory violations, there's no guarantee that you'll receive a usable decryption tool. Colonial Pipeline, which paid over US$4.4 million in ransom, found that the tool it received was ineffective and ultimately had to recover from backups anyway (the U.S. Department of Justice was later able to recover some of the money).
A new solution from ESET
ESET has introduced a new approach called Ransomware Remediation, which integrates prevention and recovery. The system creates targeted file backups that ransomware cannot access, and it begins this process immediately upon detecting suspicious ransomware behavior. This method helps reduce the risk of unknowingly relying on compromised or encrypted backups.
Bracing for impact
Ransomware is a threat that can severely and rapidly disrupt business operations. However, organizations with effective prevention plans and recovery strategies will not only be able to overcome the crisis but may also gain a competitive advantage.
In an ever-changing digital world, uncertainty is the only constant. Having the resilience to prepare for the unexpected is not just a necessity – it is the foundation of business survival.
Prepare for the unknown – because your business truly depends on it.