It’s an expensive business for the companies involved – according to the report, the average cost of a ransomware breach in 2020 was $4.44 million. With everyone from corporations to local government and health organisations all having been on the receiving end of ransomware attacks in 2020, they show no sign of slowing going into the new year. Of those, 81% were ransomware attacks. The others were made up of point of sale intrusions, ecommerce attacks and business email compromise. The report makes for uncomfortable reading even for those who haven’t been hit with ransomware yet. Studies show that over half of businesses have been targeted by ransomware. The increase in ransomware attacks can be blamed on the ongoing pandemic, which has seen an unprecedented increase in remote working, leading to a catalog of potential system weaknesses as companies struggle to set up secure staff access to their infrastructures from a variety of different devices and locations. According to BitDefender, ransomware attacks jumped 715% in 2020.
1. Garmin
Ordinarily being number one is the spot to strive for, but we suspect that Garmin could do without this particular accolade. According to the report, it was responsible for the biggest pay out, a huge $10 million, when it was the victim of a hack in July 2020. The attack made headlines, and saw a majority of the companies servers go down, meaning that its customers were unable to use their devices, including smartwatches and aviation products. The outage lasted four days. While it’s worth noting that the company never publicly acknowledged to have paid the ransom, insiders believe it’s the only avenue the company had to restoring its services.
2. CWT Global
This travel management company also received an unwelcome ransomware bill for $10 million but managed to negotiate it down to a slightly more palatable $4.5 million. The attack also took place in July 2020, and used Ragnar Locker software, which is specially designed to target software used by managed service providers.
3. Travelex
This British foreign exchange firm, like CWT Global, were also able to negotiate the requested sum, bringing the initial ransom of $6 million down to ‘just’ $2.3 million. The organisation behind the hack, the Sodinokibi gang, an organisation thought to be based in Russia, downloaded and encrypted 5GB of valuable company data. Once a ransomware attack is successful, valuable company data is held hostage, until the ransom is paid. Attempts to circumvent the ransomware can result in either its permanent loss, or public leaking, threatening corporate secrets and sensitive personal data. Hackers look for vulnerabilities in company systems to install their ransomware, so it follows that one of the best ways to protect yourself is to reduce the potential number of these. The ongoing pandemic has proven challenging for many companies, juggling remote working employees, which is why many have mandated the use of VPNs. A VPN can hide your personal and company data, routing users through a secure server and essentially rendering them anonymous. This makes identify personal data, and attacks, much harder. Like any system, it’s not infallible, but it’s certainly a better course of protection that just leaving the security of your company’s data up to chance. Read our guide to the best VPN for businesses