Cyber extortion: Ransomware results in R140 million loss for SA companies

A study has revealed that businesses in South Africa have lost millions because of ransomware.

Ransomware is a type of malicious software that encrypts a victim’s files and demands a ransom in exchange for the decryption key. This can also be viewed as a form of cyber extortion.

The Nclose State of Ransomware in South Africa study show that 14 businesses, which amounts to 2.8% of respondents suffered impacts exceeding R10 million each, a collective loss of over R140 million for the group.  

Companies lose millions due to ransomware

Stephen Osler, Co-Founder and Business Development Director at Nclose say the study surveyed 500 respondents in the country at the beginning of August. He adds that the figures that came out of the study are not a surprise.

Apart from the companies that have lost more than R10 million each, 8.6% of the respondents said they lost between R1 million to R10 million. While 24% experienced losses between R100,000 and R1 million. 28% of respondents reported no financial impact.

He added these costs are also associated with remediation and downtime.

ALSO READ: Average cost of a data breach in SA is R53.1m – Report

How many companies experience ransomware

The study also found that 63.2% of the respondents had experienced at least one ransomware attack in the past 24 months. Of these, 27,8% faced 1-2 attacks, 23,2% encountered 3-5 attacks, and 12,2% dealt with 6 or more incidents.

“Most organisations hesitate to disclose when attackers target them, so we don’t know the true extent of ransomware attacks in South Africa.”

Olser also noted that cybercrime and ransomware attacks are rising in the country.

ALSO READ: Hackers out to get you? Here’s 5 tips to stay ahead

Recovery times

He says the ripple effects of the attack are heavy. Some companies take time to recover from the attack, which will cost them money. 13.8% of their respondents said they recovered in less than 24 hours; 19% recovered after over a week.

What Osler finds most concerning is companies that have still not recovered from the attack, which is 5.6% of their respondents. “Taking over a week to recover is a long time, and it likely came at a significant cost, including impacts to daily operations that may not be fully accounted for in reported losses.”

ALSO READ: National Health Lab hit by cyber attack, systems down

Learning from experience

70,8% of respondents said they are confident in their ability to prevent future ransomware attacks.

“This optimism is backed by tangible changes in organisational priorities and resource allocation.”

74,6% of organisations consider cybersecurity a high or top priority, 23% allocate over 20% of their IT budget to cybersecurity, and 20% dedicate 16-20% of their IT budget to cyber defence.

Almost 60% of respondents expect an increase in ransomware attacks over the next year.

“The threat of a ransomware attack is a higher priority than it was a few years ago. It was surprising, however, to note that 19 respondents said cybersecurity was a low priority or not a priority. I assume they don’t understand the risks associated or don’t perceive cybersecurity as a necessity for their business.”

NOW READ: How to stay cybersafe and avoid cybercrime when travel planning