At the same time, it is not a fictitious number that security experts could suck out of their fingers. In its research, Sophos is based directly on the data of companies and organizations that have fallen victim to ransomware attacks.
According to their experience, the ransom still amounted to an average of 400,000 dollars in 2023, which corresponds to 9.3 million crowns. This year, however, cybercriminals were not so modest, on the contrary, they paid a lot more. The ransom rose to an average of two million dollars (46.5 million crowns).
“Junk gun” ransomware scares experts. He can attack anyone
Safety
“We must not allow the slight decrease in the number of attacks to reassure us. Ransomware attacks are still the most common threat driving the cybercrime economy today. Without ransomware, we would not have encountered the variety and volume of preemptive threats and services that are the source of these attacks,” warned John Shier, CTO at Sophos.
At the same time, he emphasized that attacks by extortion viruses are also a threat to smaller entities and even individuals. “The ransomware landscape offers something for every cybercriminal, regardless of skill level. While some groups aim for multimillion-dollar ransoms, there are also those that settle for lower amounts and make up for it with the volume of attacks,” added Shier.
How ransomware attacks
Extortion viruses from the ransomware family can make quite a mess on a compromised machine. First, they encrypt all data stored on the hard drive. For making them available, the attackers demand a ransom, possibly several thousand crowns.
As a rule, cybercriminals try to give the impression to the owner of the attacked machine that he will get access to his files after paying a fine. It was allegedly assessed for the use of illegal software, etc. That’s why a lot of people have already paid them the ransom.
As a rule, they want to pay in bitcoins, because the movements of this virtual currency are practically untraceable. And thus, logically, neither is the illegal activity of computer hackers.
However, even after paying the ransom, users may not be able to access their data. Instead of paying the ransom, it is necessary to uninstall the virus from the computer. However, in most cases it is impossible to access unbacked data.
It will cripple the business
The Sophos survey also found that excluding ransom payments, the average cost of restoring operations and data reached $2.73 million (63.6 million crowns) in 2024, compared to only $1.82 million (42.4 million crowns) a year earlier crowns).
As can be seen from the lines above, extortion viruses are a big problem for companies, as they can completely paralyze operations. “If the attacked company decides to pay the ransom to the attacker, there is a problem with accounting and taxes. In contrast to expenses for the prevention of attacks or ensuring the restoration of data and operations, this is not a tax-deductible expense. Attacks actually cost companies much more,” said Jaroslav Cihelka, cyber security expert and co-owner of ComSource.
According to him, it is generally true that there must be a clear link between the expenditure and the expected income and it must be a reasonable expenditure. Failure to do so could lead to fictitious commitments and fraud.
It costs more to put out a fire than to prevent it. The effects of cyber attacks are long-lasting and often fatal.
“According to the General Financial Directorate, in the case of the payment of the ransom, there is no direct relationship between income and expenditure, because the fraudulent entity is acting illegally and the payment of the ransom is only a consequence of illegal conduct. In addition, it is very problematic to prove that something happened, that we really have to pay, but also where and to whom we will pay in the end,” said Miroslava Tomášková, managing director of the accounting and tax company Kodap City.
According to her, it cannot be proven that without the payment of the ransom, the business activity will not continue, and especially that we did not pay the ransom to, for example, our own uncle. “Cyber attacks have a direct impact on accounting and tax payments as well,” said Tomášková.
“It costs more to put out a fire than to prevent it. As a rule, companies are prepared as part of various certifications for what to do in the event of a fire or some other problem. And they try to prevent these events. But they often overlook investments in cyber security, and often don’t even think about what to do when their IT systems fail. At the same time, the effects of cyber attacks are long-term and often fatal. “It can take several years to fix a ransom attack, during which the data of a company or institution is encrypted,” added Cihelka.
Hundreds of billions of crowns
At the end of this year, the research company Chainalysis pointed out that at least $24.2 billion worth of cryptocurrencies (over CZK 550 billion) were sent to illegal crypto-wallets last year. Cybercriminals’ profits from ransomware attacks are also included in this amount.
The stated amount is only preliminary and is likely to increase further as more illicit cryptocurrencies are identified, researchers at Chainalysis warned. The firm almost doubled its estimate of the amount sent to illegal cryptocurrencies in 2022 to $39.6 billion from $20.6 billion a year earlier.
Billions went to illegal crypto-wallets last year
Internet and PC
