The researchers, which analyzed data from several thousand cyberattacks, found that the cost of system restorations, monitoring efforts, and overall business disruption contributed to these total expenses. The report also revealed that double extortion ransomware attacks are costing businesses more and more every year, suggesting that the need for effective cybersecurity tools has never been greater.

What Did The Ransomware Research Find?

Ransomware – a type of malware to denies users access to their data until they pay a ransom payment – is one of the fastest-growing cyber security threats facing businesses. In the US, the average ransomware payment for victims totals more than $6 million, but according to new research from Check Point, this figure is only scraping the surface. The IT security firm analyzed data from public sources and information obtained from the Kovrr database to identify the total cost of ransomware attacks. They found that the original ransom payment only costs businesses 15% of the total cost of attacks, with expenses like lost business opportunities, employee downtime, and legal costs making up the rest of the sum. Check Point also found that threat actors appear to follow a specific pattern when determining how much to charge their victims. First, they assess the target’s financial records, and then they demand a fee that’s typically between 0.7% and 5% of their annual revenue.

Double Extortion Tactics Are Costing Businesses More

One reason why ransomware attacks are costing businesses more than ever is because of the growing use of double extortion tactics. Double extortion, also referred to as ‘pay-now-or-get-breached’ is a strategy where criminals steal a victim’s data before encrypting their files. In doing so, malicious actors are able to threaten to leak or sell an individual or organization’s data if they refuse to pay the ransom. This type of attack is bad news for any victim, but has a particularly grave impact on businesses. This is because organizations need to deal with the additional risk of lost customer data, and the massive implications this could have on consumer trust and brand reputation. Unfortunately, due to the high cost of lost business, this means that companies struck with double extortion often will incur greater financial losses, even if they decide to pay the ransom in full. But while minimizing the duration of these attacks is great, how can you avert them entirely?

Here’s How Your Business Can Prevent Ransomware Attacks

According to Check Point, preventing these incidents from happening in the first place is the best way to remain safe online. While you can’t stop yourself from being targeted, here’s how you can – of these ransomware attacks.

Keep devices updated – It’s much easier for malicious actors to hack outdated systems. Stay one step ahead and regularly keep your software up to date.Invest in ransomware software – One of the simplest ways to evade online threats is to buy – and regularly update – antivirus software.Educate your workforce – Human error is a leading cause of security breaches. By educating your staff about the risks of ransomware, you can keep violations to a minimum.Use two-factor authentication – By protecting your data with more than a strong password, you can add an extra layer of mitigation between you and potential threats.