Check Point Research, part of cybersecurity firm Check Point Software Technologies, has provided unparalleled insight into the economics behind ransomware attacks. Insights were drawn from analysis of data breaches by the Conti group and various datasets on victims from cyber consultancy Kovrr.
While sometimes demanding millions of ransoms is already costly, CPR estimates that the total cost of an attack is on average 7 times higher. This is because of additional expenses for recovery, future security and monitoring and legal aid.
The amount requested is not arbitrary, but is calculated on the basis of the victim’s annual income. For this, a ratio between 0.7 and 5 percent is required, depending on the turnover level. In addition, the quality of the data obtained, the financial and market position of the company, the existence of cyber insurance, the expected approach to the victim and the reputation of the attacking group are also taken into account.
Reports from the Conti group show that there is a strict internal hierarchy and the operation is run almost like a company. There are clear guidelines on payment terms and possible discounts for quick checkout.
Organizations are becoming increasingly aware of threats, says NZahier Madhar, security engineer specialist at Check Point Software. As a result, they are better prepared and the average time for a ransomware attack is reduced. It fell from 15 days to 9 days in 2021.
In the first quarter of 2022, an average of 1 out of 68 organizations in Europe were affected, up 16 percent from 1 in 80 a year ago. With an average of 77 people affected each week in Belgium, 6.4% of attacks were with the Emotet malware. This is a self-spreading trojan that prevents detection in various ways.
Source: Hardware Info
