The Average Ransomware Attack Costs Half a Million Dollars. Here’s How to Prevent One

Ransomware attacks cost Canadian organizations an average of almost half a million dollars last year, according to a recent report that offers tips on preventing costly breaches.

A December 2021 report from cybersecurity firm Palo Alto Networks found ransomware attacks cost Canadian organizations an average of $458,247 last year. The majority of victims (58%) said they paid the ransom – and 14% said they paid more than once.

It’s not just the ransoms that are costly – so is the road to recovery. According to the report, 58% of ransomware victims said it took more than a month to recover from an attack. Twenty-nine percent said recovery took more than three months, and 9% said it took more than five or six months to recover.

Attacks Are Sector Agnostic

No sector is safe from ransomware attacks. The report found targets ranged from gas pipelines to meat packing plants, as well as critical services such as hospitals.

The majority of verified attacks in Canada (43) were in the industrial sector, which is particularly vulnerable due to the prevalence of organizations with out-of-date security systems, Palo Alto noted.

The consumer discretionary and consumer staples sector experienced 27 attacks, while the information technology sector had 11 attacks. Government organizations, as well as the financial, real estate and materials sectors, each experienced six attacks.

Many ransomware attacks go unreported, so it’s likely the numbers in the Palo Alto report represent only a small portion of the attacks that took place last year.

Who’s Demanding the Ransom?

According to the report, Conti ransomware was the most prevalent form of attack last year, claiming 31 victims in Canada. Palo Alto described Conti as one of the most “ruthless” forms of ransomware, often targeting hospitals, emergency services and law enforcement – and sometimes refusing to return stolen data after receiving a ransom payment.

Other common forms of ransomware last year were LockBit 2.0 (15 victims), Avaddon (eight victims), PYSA and Clop (both claimed seven victims).

Preventing Attacks

The Palo Alto report recommended organizations adopt a number of strategies to limit their risk of ransomware attacks, including:

  • Blocking unknown traffic on system networks
  • Blocking known phishing URLs and malicious URLs
  • Analyzing incoming files for malicious behavior

The MLT Aikins Privacy, Data Protection & Cybersecurity team has extensive experience helping clients across Western Canada manage cybersecurity risks, conduct strategic risk assessments and implement effective incident response planning. We have helped organizations in a variety of sectors develop effective strategies to prevent and respond to ransomware attacks. Download our cybersecurity checklist to assess your organization’s current cybersecurity strategy.

MLT Aikins Cybersecurity Checklist

Note: This article is of a general nature only and is not exhaustive of all possible legal rights or remedies. In addition, laws may change over time and should be interpreted only in the context of particular circumstances such that these materials are not intended to be relied upon or taken as legal advice or opinion. Readers should consult a legal professional for specific advice in any particular situation.