Published: February 22, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
Employees at Arkansas-based The Heritage Company were caught in the middle of a ransomware attack late last year. The company, a leading fund-raising telemarketing business, was forced to make a very unpopular decision: Fire all 300 employees just before Christmas while the company struggled to recuperate from the attack. The 60 year-old company was hacked in October of last year and paid an undisclosed ransom to restore its hijacked systems. However, returning the business to working order did not go as smoothly as hoped, as their IT staff is reportedly still struggling with the aftermath of the attack. Terrible timing aside, The Heritage Company sent letters to all its employees on December 23, explaining what happened and why they were “temporarily” suspended from work and their pay checks.
Unfortunately, The Heritage Company is far from alone in struggling to survive a ransomware attack. It’s not the first-time employees have lost jobs and companies have closed their doors due to ransomware. Attacks on businesses of all sizes and stripes happen way too often, highlighting the need for an effective ransomware plan before it’s too late. Whether to pay a ransom or not can be a dicey decision as institutions like healthcare literally have lives at stake when data isn’t available. The FBI tells ransomware victims not to pay-up as it only encourages future attacks. And should a company decide to pay the ransom, there’s no guarantee a cybercriminal will provide the decryption key needed to restore system data.
Although large companies may be better equipped to deal with ransomware attacks because of dedicated IT staff and cybersecurity budgets, small and medium-sized businesses (SMB’s) rarely have the same luxury. Since 60% of all SMB’s close their doors within six months of a cyberattack, it should be a wake-up call for every SMB to have a contingency plan for ransomware attacks. A prepared SMB won’t have to question whether or not to pay a ransom to get their data back. Doing regular data back-ups are an effective way for any company to restore its own data and stop a ransomware attack in its tracks. However, system restoration should also be practiced regularly to ensure the process works well when it’s needed. You can bet the good folks at The Heritage Company wish they had been prepared for their ransomware attack, and their 300 ex-employees surely wish the same.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org