Skip to content

October 20, 2021 | Brian Anderson

Not-So-Obvious Effects of Ransomware Attacks

We know that ransomware is, in very basic terms, when hackers gain access to and infect computers with malicious software, encrypt files or systems, and then demand a ransom for victims to regain access to those files. But what about the less-publicized implications of this form of malware, some of which will have long-term effects on any business susceptible to attacks in the future?

Here are two not-so-obvious impacts of ransomware attacks, plus a suggested solution that can help you avoid dealing with those impacts in the future.  

Not-so-obvious ransomware effects

While the figures above may be more familiar to you, there are many less obvious ripple effects at play.  

Industry ripple-effects caused by ransomware attacks

The Colonial Pipeline ransomware attack forced the business to stall its operations in May 2021. This shutdown prompted customers to flood gas stations amid fears of an impending gas shortage. Colonial Pipeline ended up paying upwards of $5 million to the hackers via Bitcoin to get operations back up and running. However, the damage was already felt across the country, especially in areas closest to the Colonial Pipeline.  

The talk of a possible gas shortage prompted an actual temporary gas shortage, with customers hoarding gas and even storing it in dangerous ways. This artificially generated shortage caused real consequences for people who did not go out to gas stations during this time, inhibiting their ability to commute once their car ran out of gas. The impact on one industry can ripple out to many other industries depending on the scale of the attack and the customer base affected.  

Cyber insurance consequences related to ransomware

More payouts

With ransomware attacks increasing, payouts from cyber insurance have also increased. Cases and extortion demands were up 400% in the past year, and cyber insurance payouts are now at the break-even point of 70%. The profitability for the industry at its current coverage costs and levels has dwindled.  

Cyber insurance market size

Right now, it is estimated that the cyber insurance market will grow an average of 21 percent annually worldwide through 2025. If ransomware attacks continue to set records, it would not be surprising to see the industry grow even faster.  

Insurance clients are opting in to cyber insurance more than ever. About one-quarter (26%) were investing in 2016, up to almost half (47%) in 2020.  

Coverage and price changes

To meet demand and try to stay profitable, companies raised cyber insurance prices between 10 and 30 percent at the end of 2020. Coverage is now often sold as a standalone instead of bundled in with other services. Plus, insurance companies are lowering the coverage limits depending on the industry, including healthcare and education.  

Coverage can include costs for the data breaches, data recovery, business interruption, and cyberextortion, as well as third-party costs from legal expenses, privacy claims, and more. As attacks increase and ransomware groups become more sophisticated, coverage limits and scope may also change.  

Insurance cost changes

While the average cost of cyber insurance decreased in 2020 compared to 2019 ($1,485 compared to $1,501), the drop of 1% was mostly due to the highest-priced insurers exiting the market or lowering their premiums. The average cost in 2021 is now $1,589, up approximately 7% from the previous year. The average cost is likely to continue to increase after 2021, seeing as how we’ve experienced a record number of attacks in the first 6 months of 2021 alone.  

Rates impacted by the type of business

The size and industry of your business are likely to determine how much coverage will cost you. If the above industries continue to get hit at above-average rates, for example, expect the cost of your coverage to be higher if your business is in one of those industries. The size of your business also plays a role. The more employees you have, the more you will be at risk for social engineering and phishing attempts, for example.  

New requirements for insurance coverage

When workers migrated en masse to remote environments, it put an added strain on cybersecurity. Unsecure connectivity and human risks including increased susceptibility to spear phishing were all opportunities for cybercriminals to prey on the workforce. Policies are changing along with the changing work landscape, but some are still adapting. There may always be gaps in coverage for instances including personal outages for employees in home offices, for example.  

While it’s hard to say what the next couple of years holds, insurance changes will probably depend on how tightly businesses secure their data moving forward. The cost of ransomware coverage is likely to go up and come with more conditions, including companies being able to ensure that they have strong policies and systems in place.  

How to protect against ransomware infections

Businesses are up against new challenges every day as ransomware continues to expand and affect organizations of all industries and sizes. Luckily, there are some solutions that can help you combat the risks of ransomware regardless of industry or computer system configuration – XDR and data recovery.  

How to protect before an attack

Detection is key when a ransomware security threat occurs. TierPoint’s XDR (Extended Detection and Response) service offers a comprehensive approach to cybersecurity monitoring and incident response. You can find the signal through the noise because XDR takes a large stream of alerts coming in and shrinks it down to a smaller number of incidents that need to be investigated.  

How to recover after an attack

Of course, even with the best-laid plans and comprehensive defenses in place, no business is 100% safe when attacks occur. Front-end security is not infallible. That’s why you need a data recovery component as your best second line of defense.  

Depending on the workload of your business, you may have multiple recovery time objectives (RTOs) and recovery point objectives (RPOs). Whether you’re looking to restore files locally or recover applications to help get your organization back on track, backup and disaster recovery operations can be hugely effective in getting you back to an operational state.  

We can help you protect and recover from ransomware attacks

We can help you create a ransomware response plan. At TierPoint, we can help businesses with preventing and recovering from ransomware attacks. Our security solutions help businesses protect and isolate data and our cloud-based disaster recovery solutions help businesses back up and recover critical systems and data after an attack. 

If you’re ready to strengthen your first and second line of defense against ransomware attacks, learn more about our XDR and Disaster Recovery solutions.  

Strategic Guide to IT Security_2020 edition

Subscribe to the TierPoint blog

We’ll send you a link to new blog posts whenever we publish, usually once a week.