Latest News

Recovery from the massive ransomware attack in May 2021 will cost the Irish healthcare system well over half of a billion dollars. 

Health Service Executive (HSE) is reporting that the May ransomware attack on their systems will likely cost them as much as $600 million. HSE’s director general Paul Reid provided the estimate in a recent hearing with Ireland’s legislative body, Oireachtas.

The publicly funded healthcare system was first infected with ransomware on May 14, and the ensuing ordeal levied a series of expenses on HSE. At first, the immediate costs of response and recovery came to approximately $120 million. Ongoing upgrades and replacements in the following months would cost as much as $480 million. This expense also included the hiring of technical experts to consult on the process and manage remediation. 

How Did The Ransomware Attack Occur?

On May 14, staff noted that the IT network at a maternity hospital in Dublin had been infected with ransomware. As they investigated the extent of the attack, it became clear that the attack could have affected the full range of HSE systems throughout Ireland. The HSE chose to shut down all systems while they attempted to deal with the attack. The cybercriminals responsible (Conti) demanded a $19 million ransom, which HSE declined to pay.

How Does Ransomware Cause So Much Damage?

Cybereason recently conducted a survey of 1,263 cybersecurity professionals to study the real-world effects of ransomware. There are a number of key costs that will come with a ransomware attack, including:

1. Ransom: This is the most obvious cost, and it just keeps going up. According to cybersecurity company Coveware, what was an average ransom of $6,733 in 2018 has increased to $12,672 in 2019. As of this year, Cybereason reports that 35% of respondents who paid a ransom said it cost them between $350,000 and $1.4 million; 7% paid more than $1.4 million.
   
   
2. Loss Of Revenue: Beyond the actual ransom paid, targets also noted a loss in business as well. 66% of respondents in the Cybereason study reported that their organisations were hit by major losses in revenue due to a ransomware attack.
   
   
3. Downtime: As Kaspersky notes, 34% of businesses hit by ransomware take up to a week to regain access to data. In that week, you’re still incurring costs associated with downtime while you and your staff can’t access your data.
   
   That’s time in which you can’t get work done, can’t serve your clients, can’t gain new business, and yet, still have to pay your employee wages and ongoing costs to keep the lights on.
   
   
4. Reputational Damage: Current and future clients will think twice about working with a company that was infected by ransomware. A little over half (53%) of Cybereason’s respondents reported suffering brand and reputation damage because of ransomware.
   
   
5. Personnel: The fallout of a ransomware attack can often lead to loss of staff as well, either as a matter of damage control (laying off responsible C-Level executives) or as a response to lower revenue (layoffs). 32% of those polled by Cybereason reported that C-suite members left their organisation, and 29% of the organisations surveyed had to lay off employees
   
   
6. Remediation: Lastly, there’s the cost of damage control. Do you have to hire an IT company to help you out? Do you have to hire a forensic cybersecurity crew to determine how you were attacked? Do you have to pay fines for breaching regulations? These all get added to the bill for getting hit by ransomware.
   
   

Finally, there’s always the chance that all these costs combined will spell the end for the business in question. According to Cybereason, 26% of respondents had to close their businesses for good. 

How Do You Protect Your Business?

It is recommended that organisations continue to be vigilant when it comes to safeguarding systems and educating employees. Not every organisation is the same. Similarly, the risks within each organisation are different. 

Two key areas of focus to reduce your organisations’ risk from ransomware attacks include:

• Conducting a cyber risk assessment along with a vulnerability scan of your systems provides you with the starting blocks to plan and resolve your risks to ransomware.
  
  
• Ensuring employees receive proper awareness training and that prevention controls are in place and comprehensive.

What Would Happen If You Were Infected With Ransomware Right Now?

Do you have a plan? Are your system endpoints protected? Are your backups recent, tested, and viable?

It’s a mistake to assume that just because you haven’t been hit by ransomware yet, that you won’t be anytime soon. You may think you can put off investing in effective cybersecurity support, but without warning, you may get hit.

Don’t assume you’re safe — working with the CyberUnlocked team, you’ll know for sure.