As of Q319, leading experts like McAfee observed over 100% growth in ransomware attacks globally. FireEye recently identified how threat actors are collaborating in efforts to launch ransomware attacks, a trend that will grow in 2020.
Global ransomware damage costs are estimated to reach $20 billion by 2021—57 times more than reported in 2015—according to Cybersecurity Ventures.
Though local governments in the United States have received most of the media attention, largely because they are not able to conceal breaches in the same way companies can (cases like Maersk, Norsk Hydro, Pitney Bowes, and, most recently, Travelex highlight the business disruption risk and potential financial impact to companies—something likely to continue with greater frequency this year).
Travelex is the latest high-profile ransomware victim in the corporate world and highlights why these business disruption breaches are the most damaging a company can experience—a marked departure from the popular association of cyber risk as “risk of data loss,” especially customer data loss.
Ransomware is so financially damaging to a company primarily because of the disruption caused to business operations and the costs involved in repairing the damage after the ransomware is lifted (a fact gaining increasing attention from law enforcement, such as the FBI). These incidents lead to higher costs (due to necessary repairs to networks in the wake of breaches) and constrained cash flows that can further weigh down an already depressed share price.
Just over one week after the report of the Travelex attack surfaced, parent company Finablr stated it “did not currently expect to suffer any material financial impact from the incident.” Though the approximate 39% drop in share price (as of Feb. 7) since the attack is not solely due to the attack on Travelex, the impact of the attack has been significant. Travelex and Finablr will continue to deal with the financial fallout from this incident over the near- to medium-term.
As Norsk Hydro and Maersk have demonstrated, companies can recover from ransomware attacks, but it requires stronger governance and a financial capacity to strengthen security controls and restore public confidence.
When analyzing the rise of ransomware, it is important to examine the full financial impact on companies in the nine-12 months after the vice grip has been removed—beyond the headlines about the short-term business disruption and the damage to a company’s reputation. An increasing number of companies will experience a growing negative financial impact in 2020.