A Danish company revealed that the costs associated with what appears to be a ransomware attack could reach as much as $95 million.
Demant, a Danish manufacturer of hearing aids, suffered a “critical incident” that affected its IT infrastructure on 3 September. The company’s IT team responded by shutting down multiple systems across multiple locations and business units. Even so, these efforts didn’t prevent the incident from affecting key business processes including R&D, production and distribution.
The Danish firm said that it has been actively responding by reactivating affected systems and working through the backlog created by the incident. To that end, it noted that it should be able to restore all remaining business-critical units within the next three periods, and it disclosed that production in both Poland and Mexico is recovering quickly.
Even so, Demant noted that the security event will likely affect its reported operating profit (EBIT) for the year. As it noted in a press release:
Our current preliminary assessment indicates a total negative financial impact on EBIT in 2019 in the range of DKK 550-650 million [approximately $80-95 million], which includes the deduction of an expected insurance coverage of approx. DKK 100 million. This impact is predominately related to the estimated lost sales and weakening of growth momentum. Included in the financial impact, we expect to incur costs of DKK 50 million directly related to the incident.
The manufacturer went on to clarify that half of these losses stemmed from lost sales pertaining to its wholesale hearing aid business. In particular, Demant revealed that it had not been able to pursue growth activities in the United States and other markets. The company attributed this inability to its ongoing work to prevent existing customers from feeling the effects of the incident.
In its statement, the Danish manufacturer did not disclose the exact nature of the attack. But it did reveal that its IT team’s response “contained and limited the issue.” This detail is consistent with a malware infection, potentially a ransomware attack, as a possible scenario.
This isn’t the first time that a company has needed to pay out big after suffering a ransomware attack. Back in 2017, for instance, container shipping company A.P. Moller-Maersk said that a NotPetya infection disrupted its operations and could come with a hefty price tag of as much as $300 million in lost revenue. FedEx revealed a similar cost from the wiper outbreak about a month later.
Organizations need to protect themselves against malware attacks including ransomware infections. They can do this by taking steps to prevent a crypto-malware infection in the first place. They should also invest in a tool capable of picking up on known malware signatures and behavior indicative of zero-day threats.