Published: August 3, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
Keeping tabs on ransomware attacks isn’t easy these days. Part of that reason is because ransomware is up 25% in the first quarter of this year, and at the moment shows no signs of slowing down. It’s a legitimate concern for every business since the array of victims is wide and indiscriminate. Recent attacks have halted production for Honda, threatened a New York law firm with exposing sensitive information about its clients, and held captive the information data systems for the city of Florence, AL. The reality is, every enterprise is subject to attack no matter the size or scope and the recent increase in ransomware is a concern for business owners and cybersecurity experts alike.
It’s tough enough that critical data is being held for ransom, but the decision whether to pay the ransom or not weighs heavily on victims. Studies show ransom payments are up 33% from the fourth quarter of 2019, and the average demand is $111,605. The downtime for affected businesses is 15 days, and many small-to-medium-sized businesses (SMB’s) find themselves unable to survive a ransomware attack. In fact, 60% of SMB’s close their doors within six months of a cyberattack. Other concerns for victims are the hit to their reputation, the cost of downtime, and the possibility that company data will be publicly exposed.
A business also has to struggle with the option of paying a ransom demand to restore their encrypted data. The FBI strongly advises never paying a ransom as it only encourages further attacks. Also, there is no guarantee hackers will hand over the decryption key to the hijacked data once a ransom is paid…or if it’ll work. Instead, the FBI suggests planning for a ransomware attack. A well-prepared business has the best chance of surviving an assault without paying a ransom or having lengthy downtime. They suggest every business follow their recommendations to counter a ransomware attack, including reporting it to their agency.
Regularly backup data, including testing backup systems to make sure they function properly when needed. Make sure backups aren’t connected to computers or networks and they remain separate.
Keep operating systems and software patched and updated with the latest versions available.
Set anti-virus and anti-malware software to automatically update, and make sure regular scans are conducted.
As always, advise anyone connecting into the network to keep an eagle eye out for phishing email, texts, and even voice messages. That remains the top way malware of all kinds get into the network in the first place.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org