Malware developers have been finding new attack vectors and payloads for their offerings since the first virus was released into the wild. Cyber security is now an item at or near the top of any IT head’s worklist.
One type of malware that causes havoc is ransomware. Simply put, ransomware encrypts systems or user data, preventing user access to it. The hacker then demands payment to provide an unlock key that will allow users access once again.
The most obvious costs of recovering from a ransomware attack are easily identified as being the costs of the ransom itself, and the costs of recovery. There are, however, other hidden costs, perhaps not so easily quantifiable but still there. They will include such items as staff overtime, lost revenue, and other indirect costs. There will also be the cost of new cyber security defences and user awareness training.
Here are four hidden costs we have thought of:
Loss of reputation
For all businesses with an online presence, and particularly online traders, reputation is everything. Online purchasers need to feel confident and comfortable that their personal and financial data is securely stored. At any hint that it has been compromised, they will not shop with you.
It also flows over into other areas of the company’s image. A poor reputation for managing customers’ personal and financial data will inevitably lead to a lowering in the perception of the quality of the company’s products.
Loss of reputation also has effects on the company’s cost of doing business. A poor reputation will increase loan costs as potential lenders and insurers carry out their risk analyses. Potential investors will prefer other similar companies with a better reputation.
In short, the business has a double whammy of declining income and increasing operating costs.
In the worst case, loss of reputation could be a fatal blow to an organisation.
Any hint in the media that customers’ personal and financial details have been stolen will mean that potential customers will shop elsewhere. Even if it is only a general enquiry, people will be reluctant to put forward their correct contact details.
The unavailability of the systems managing customer orders and deliveries makes it difficult to manage basic business operations, including recording and tracking orders, and managing production schedules. One particular area of concern is that of managing cash. It can be difficult to find out who is due to pay outstanding invoices and if they are exceeding their credit limit. Paying suppliers is also a concern.
In short, there will be reductions in cash income, and other potential unquantifiable losses because it will be difficult to keep a handle on the exact cash position at any time.
Putting temporary fixes in play will cost money because you will almost certainly require extra temporary staff, including:
- Subject matter experts to help IT.
- Clerical assistance with normal business processes and to create and manage manual documents, including customer and supplier lists, sales and procurement documents.
- Accounting assistance to manage accounting records.
Business must go on while you recover from the attack. It seems that recovery could take at least two weeks to full completion. In that time, management of cash is a key aspect of business management. It’s not rocket science; businesses were managed for centuries without computer software. It’s just a matter of reinstating manual processes.
Often current information can be recovered from paper records. For example, additional staff can create shipping status reports from dispatch notes. Income statements can be maintained from daily bank statements. Using your internet connection from a PC will allow you to use online banking applications to make payments, including wages and salaries.
Your phone bill will increase.
Technology and Training
There will be future unquantifiable cyber security costs of new hardware and software to secure the corporate network against future malware and particularly ransomware attacks. There will also be the costs of courses and workshops to increase staff awareness of malware attacks in general and to increase the skills of the network security staff.
A ransomware attack can be devastating to a business. The best thing is not to panic, and to consider how the business can keep running while IT sort out the effects of the ransomware attack. After all, businesses operated for many years without software assistance.