Ransomware attack cost more than doubles in seven-year period
Businesses, consumers and Government face vulnerabilities from rapid changes prompted by Covid-19
New research carried out by Grant Thornton Ireland has revealed the overall cost of cybercrime to the Irish economy in 2020 to be €9.6bn. The Economic Cost of Cyber report published by Grant Thornton’s Cyber Security team estimates the direct and indirect costs incurred due to cyber-attacks against businesses, individuals, and government. The 2020 research builds on Grant Thornton Ireland’s 2014 Cost of Cyber report, which noted an overall cost to the economy of €630 million due to cybercrime, a figure which has exponentially increased in the latest data.
Phishing and ransomware attacks, along with credit and debit card fraud, and operational technology focused attacks have all increased significantly in recent years with ransomware attacks, in which cybercriminals demand payment for the release of compromised materials, by far the most significant form of cybercrime noted in 2020.
Ransomware attacks alone and the cost of remedying such attacks reached over €2bn in 2020. The €2bn cost of ransomware attacks in 2020 estimates the direct costs associated with these events i.e. ransoms paid, as well as indirect costs such as infrastructure and IT bills and reputational damages incurred through public discussion and media coverage.
The report also notes a 100% increase in computer viruses and a 20% increase in phishing attacks, where fraudulent communications purporting to be from reputable sources were sent to businesses and consumers. This comes as credit and debit card fraud also increased, leading to losses of €12m.
Speaking at the launch of the report today, Head of Cyber Security Services at Grant Thornton Ireland Mike Harris said, ‘We are all very much aware of the risk of cybercrime to businesses and indeed, to consumers, but as a relatively new phenomenon that has emerged in the past decade or so, many businesses and individuals are still grappling with how to insulate against this threat.
‘Cybercriminals are innovative and opportunistic. This means we also need to be innovative in how we mitigate against potential cyber-attack risks. Ransomware attacks, for example, were once targeted mainly at consumers but we now know businesses, organisations and governments are the main targets for these types of crimes.
‘Cyber-attacks, more generally, have huge consequences to balance sheets, reputation, and data protection, and this report highlights that the frequency of these attacks is growing rapidly.’
The past year has demonstrated huge changes and rapid digital transformation for Irish businesses and their employees across the country. Cybercriminals saw these changes as an opportunity to attack businesses, organisations and agencies in the midst of this transformation.
Research continues to show that many employees are accessing work servers remotely and from personal devices which without appropriate measures, offers another route to cyber-attacks for cybercriminals.
Howard Shortt, Director in Forensics & Cyber at Grant Thornton Ireland noted, ‘Now is the time for businesses to review their processes, to test their IT and infrastructure for weaknesses to cyber-attack, and for employees to be trained appropriately to prevent accidental exposure while working on-site or remotely. Not carrying out these preventative measures could lead to large costs in the event of an attack in future.’
The 2020 Economic Cost of Cyber report is the second such report from Grant Thornton Ireland.