The Cost of Ransomware

The cyber criminals behind ransomware see their efforts as a volume business.  Charge too much, and victims will not pay. Targeting businesses and organizations in wealthier countries and in cities where people and businesses are most likely able to pay, the typical ransom is often about $500.  More recently, we have heard of ransoms between 1 and 2 bitcoin (about US$600 to US$1300).

The Ransom Payment is Only Part of the Cost

The cost of ransomware can vary significantly depending on several factors, including the size and type of the targeted organization, the extent of the attack, the data that is compromised, and the specific ransom demands. It is challenging to determine a typical cost as each incident is unique. However, the costs associated with a ransomware attack can include:

  1. Ransom Payment: The primary cost is often the ransom amount demanded by the attackers, which can range from a few hundred to millions of dollars.
  2. Recovery and Remediation: Organizations affected by ransomware must invest in forensic investigation, data recovery, system restoration, and strengthening their security infrastructure. These costs can include IT services, incident response teams, and cybersecurity consultants.
  3. Downtime and Productivity Loss: Ransomware attacks can result in significant disruption to business operations, leading to lost productivity, missed opportunities, and potential reputational damage.
  4. Legal and Regulatory Consequences: Organizations may incur legal fees and potential fines if the attack involves compromised customer data or violates data protection regulations.
  5. Reputational Damage: Ransomware attacks can erode customer trust and damage a company’s reputation, potentially leading to long-term financial consequences.

Every victim loses productivity from the start of the attack until it is fully resolved. Whether or not you pay, you still need to conduct a full sweep of all of your systems to ensure the ransomware has been removed. Otherwise, you risk reinfection.

Organization Who Pay the Ransomware Cost

For organizations respond and pay the ransom, they still suffer the time and cost of decrypting and validating files, a process that can consume days or weeks of IT resources. If you choose not to pay, you have the cost of recovering data from before the attacks and re-creating lost information across all of your servers, systems, and applications. We recently spoke with a company that lost less than 6 months of data. After three months, they are still working to recreate lost files and transactions as they have no way of knowing if they have missed any.

A ransomware attack can cost tens of thousands of dollars to clean up. Attacks may also damage valuable customer and vendor relationships and result in higher bookkeeping, accounting, and legal fees.

The Cost to Prevent a Ransomware Attack

The costs associated with cyber protection and prevention and the ability to recover quickly (should an attack breach your defenses) is relatively minor. The value of prevention and preparation is well worth the cost.

Organizations should invest in proactive cybersecurity measures to mitigate the risk and potential cost associated with ransomware attacks.

Learn more

You can protect your business against ransomware attacks. In our new eBook, a Business Guide to Ransomware, you will learn how malware spreads, the different types of ransomware proliferating today, and what you can do to avoid or recover from an attack. Hiding your head in the sand does not work, because today’s ransom seekers play dirty. Make sure your organization is prepared.


For a 1:1 consultation and assessment of your risk, contact us today.