Ransomware incident rates have increased threefold since Q4 2018, according to a new report from Aon, with average costs escalating at a similar rate.
The Cyber Practice Group of Aon’s Reinsurance Solutions business found that the costs of ransomware attacks continued to increase across all sectors this year, with payments tripling from an average of $12,762 to $36,295 in the second quarter alone.
This cost accounts for both recovery expenses – including ransom payments, forensic fees and assistance rebuilding servers – and downtime costs.
The average downtime increased from 7.3 days in Q1 to 9.6 days in Q3, and Aon noted that these costs are typically 5-10 times larger than the actual ransom amounts, due to lost productivity and revenue opportunities.
Analysts largely attributed these trends to the growth of ransomware as a service (RaaS), which has played a key role in raising downtimes as well as frequency.
RaaS allows even novice hackers and black hat operatives to adopt traditional Software as a Service (SaaS) models to enable criminal enterprise.
Cybercriminals may write ransomware code and sell or rent it under an affiliate program for a quick profit to others intending to launch an attack, or even offer an entire platform to manage ransomware campaigns.
Aon’s report seems to support recent findings from Beazley, which reported a 37% increase in ransomware attacks from Q2 to Q3 this year, with cyber criminals increasingly looking to exploit weak security programs of IT vendors.
Beazley found that 24% of ransomware incidents originated with an attack on an IT vendor or managed service provider (MSP), with small businesses making up 63% of all ransomware incidents in the first nine months of 2019.
Willis Towers Watson similarly reported last week that primary and excess cyber renewals are currently averaging premium increases in the 5-10% range, driven by an explosion of ransomware losses during the second half of 2019.
The firm also observed an increase in the cost of data breaches, but stated that the main drivers were reputational and regulatory costs.
Aon, on the other hand, believes that RaaS has contributed more significantly to upward trends in both frequency and severity of claims, due to less reliable data recovery and ransom payment success rates.
Analysts argued that less reliable data recovery is symptomatic of novice hackers utilizing RaaS models, noting that data recovery is becoming less certain despite the fact that as many as 96% of organisations that pay a ransom receive working decryption tools.