Lightning Often Strikes Twice for Ransomware Victims

By: Marco
June 19, 2023

1 in 15,300

Your chances of getting struck by lightning once

1 in 9 million 

The chances that it would happen to you again

What are the odds that your business would be targeted by a cybercriminal? Many small business owners think they’re too small to be considered a target, but they couldn’t be more wrong. And unfortunately, unlike a lightning strike, once you’ve been hit, you’re more likely to be struck again.

But first, let’s step back and examine the basics, as ransomware attacks have evolved over the past few years…


What Is Ransomware? 

Ransomware is a specific type of malware that encrypts data. Hackers can use ransomware to make your files inaccessible unless you have the appropriate keys to unlock or “decrypt” them. Hackers will then demand that you pay a ransom to get your files back — often in the form of cryptocurrency. 

More recently, some hackers will also threaten to publicly release sensitive information if you don’t pay up. They may even threaten to alert the media or directly contact your customers — notifying them that you’ve failed to protect their data. In fact, these secondary forms of extortion are becoming far more commonplace.

Unfortunately, cybercriminals don’t always honor their promises. Even if you pay the ransom, recovering your data is not a given. Worse yet, paying the ransom can actually double the overall cost of the attack. 

Recent Ransomware Attack Statistics

The CyberEdge Group recently released their 2023 Cyberthreat Defense Report, which included a few statistics that are hard to unsee: 

  • 7% of organizations have been the victims of a ransomware attack so far in 2023 
  • 7% of these organizations paid the ransom
  • 73% were able to recover some data
  • 21.6% only had their data encrypted, with no additional form of extortion

The True Cost to Business Study 2022 also revealed critical findings that point to another alarming trend — repeat attacks: 

  • 73% of organizations had at least one ransomware attack in 2022
  • 80% of those who paid the ransom were attacked again
  • 68% were attacked less than a month later with a higher ransom

Our Analysis of Recent Ransomware Data

It’s been incredibly frustrating for many small business owners to deal with a pandemic and then a ransomware epidemic on top of it. But here are our takeaways on where this data is pointing:


  1. If you haven’t already been the victim of a ransomware attack but you aren’t currently following cybersecurity best practices, you’re at high risk of becoming a victim.
  2. Do not pay the ransom. It’s tempting to try to minimize the damage, but it’s more likely to have the opposite effect. 
  3. Reliable backups are important, but they aren’t enough. Cybercriminals find that they can get even more money by releasing your information online and telling your customers and the media about it.  
  4. It’s important to develop an Incident Response Plan. Preparing for a potential incident, like ransomware, ahead of time can help companies define their processes, establish roles and expectations, increase their ability to properly identify an incident, respond quickly, and contain the incident before it spreads. This can save the company a tremendous amount of time and money if an incident were to occur.

How To Reduce Your Risk of Ransomware Attacks

How about some good news for a change? You’re not alone in the fight against cybercrime. The U.S. government has put together a list of cybersecurity best practices to help businesses and nonprofit organizations protect themselves, and we’ve compiled those recommendations into a Cybersecurity Checklist designed with small to midsize businesses in mind. 

Security awareness training is a key component of your overall cybersecurity posture — one that can transform your staff from your biggest liability to your star defenders against phishing, malware (including ransomware), and fraud. 

But if your IT team is already overwhelmed with other day-to-day tasks, perhaps the quickest way to update your cybersecurity posture is to book a security assessment from a leading technology provider. Many providers will offer you a free remote scan, but that scan won’t uncover weaknesses in your policies and settings, and you’ll get a mountain of data back without a good way to filter it. Ours is a bit different — we conduct a thorough investigation of your business’s risks and leave you with a list of custom recommendations, prioritized by what vulnerabilities pose the biggest risk to your business and why. 
