Similar ransomware incidents could range from anywhere in the hundreds of thousands of dollars to around $10 million, experts said.

What can be done to prevent it?

By now, organizations of all sizes should be using good "cybersecurity hygiene" — for example, requiring regular password changes by its employees and two-factor authentication. But even those best practices may not always be enough to keep a bad actor out of a network.

When it comes to ransomware, the best-case scenario is if organizations can catch hackers while they're inside the network gathering data but before they've fully executed an attack and files are locked. Bad actors typically penetrate a network up to three weeks before a company gets a ransom notice, according to Analyst1's DiMaggio.

He added that artificial intelligence tools could be helpful to companies in tracking users on the network and identifying suspicious behavior.

That's how tools like Cybereason work — when the technology identifies a pattern of behavior consistent with a bad actor inside the network, it immediately removes that user's access.