Ransomware Cost Estimator
Ransomware is a variant of malware that specifically targets files and systems by encrypting them with a protocol that cannot be broken without the correct decryption key. Ransomware operators will encrypt files and offer their victim a key in return for payment, typically in untraceable cryptocurrencies such as Bitcoin.
In recent years, ransomware has expanded far beyond its origins in malicious drive-by downloads on pirate and adult content websites. With the industrialization of the Cybercrime industry and the rise of ransomware-as-a-service providers, ransomware has now become a weapon of choice for threat actors worldwide.
A troubling trend in the ransomware space is the transition from encryption-only practices to threats, extortion, and theft. Backups are no longer a sufficient defense as many ransomware groups will conduct covert surveillance on their targets, steal data, and will threaten to publish information online unless a ransom demand is met. They have also added Distributed Denial of Service attacks on web-centric businesses to increase the pain level to accelerate the decision towards ransom payment.
Types of Costs Incurred
A significant ransomware infection will incur both direct and indirect costs to the victim organization. Direct costs include, but are not limited to, out of pocket costs to cover engaging security incident response and remediation services, legal services, and the purchase of additional technology to bolster defenses. The larger portion of costs are indirect costs which can be categorized in two areas: Loss of productivity from staff (operational loss) and loss in revenue from lost opportunities or lost business (reputational loss).