Ransomware Demands and Business Payouts on the Rise
Ransomware targeted at the business sector has recently become the preferred income method of many hackers, in part because it can provide huge returns when enterprise victims are willing to pay up. For these more advanced renditions of ransomware, individuals are no longer the main target, since individuals don’t provide the financial windfall hackers are hunting for.
With potentially unlimited resources at stake, ransomware attacks have begun to focus exclusively on businesses — often with great success. As ransomware variants become increasingly easier for hackers and other cybercriminals to obtain, industry experts expect the problem will only get worse for businesses of all sizes and across industries.
Paying the Ransom Only Makes Matters Worse — and Sometimes Isn’t Even Successful at Restoring Data
Three of the most recent highly publicized ransomware attacks involved the University of Calgary, a school system in South Carolina and Hollywood Presbyterian Hospital. In each case, the organizations were not prepared to respond to or recover effectively from the attacks, and business management felt compelled to pay the ransom as their only option to protect their users and recover valuable sensitive information.
Paying the ransom is harmful in more ways than one:
Additionally, paying the ransom is never a guarantee. After all, these are cybercriminals we are talking about — not legitimate businesses who care about contractual obligations and the rules and regulations of cyberspace. Sometimes, a paid ransom merely results in a bolder attack who decides they want even more money for the same data they were just compensated for. Take Kansas Heart Health Hospital, for instance. In May 2016, the hospital paid a ransom as a last resort to unlocking sensitive patient files and data — and then the attackers demanded more money.
Dealing with and compensating criminals are terrible solutions in response to cybercrime. Effective IT incident response management and data disaster solutions provide a much better, more reliable alternative — and unlike a ransomware payout, incident response planning won’t break your budget.
With the Right Incident Response Planning, Paying the Ransom Is Never the Only Option
Many businesses do not have the internal IT capabilities to respond to and recover effectively from a ransomware attack or to reduce the chances of one happening in the first place. In cases where businesses and IT teams are underprepared, paying an exorbitant ransom for the return of valuable and sensitive company files and folders may seem the only option. With the right disaster planning and incident response preparations in place, paying the ransom should never be the easiest — or the only — path to recovery.
Community responders have come together during this most recent ransomware crisis to assist unprepared victims in recovering their data, but these ever-evolving renditions of malware and malicious ransomware Trojans can easily sidestep even the most advanced recovery techniques — and then become more advanced themselves.
Some practical methods for defending against ransomware include:
The only way to truly defend against ransomware is to defund the criminal element behind it — and that starts with an effective, comprehensive incident response plan on the part of ransomware’s most lucrative target. Businesses of all sizes should develop and implement an advanced disaster response and recovery plan so they are never without options if a ransomware demand is placed upon their valuable business data.
If you feel your company may be underprepared to respond to a ransomware demand or any other cyberthreat, we can help. 403Tech Inc is an industry leader in IT security and incident response strategy. Contact us at (403) 215-7506 or send us an email at [email protected] for more information.
Scott Gallupe of 403Tech Discusses Cybersecurity Threats in Business in Calgary Article
The COVID-19 pandemic sent businesses scrambling to pivot from an office-based environment to a remote workforce. A recent issue of Business in Calgary featured 403Tech President Scott Gallupe, who advised on how local businesses can protect their IT systems from cybersecurity threats. He explained that passwords and video collaboration tools are possible entryways for viruses and malware. The article, Alright, Stop, Collaborate and Listen, features several local IT leaders, describes the issues faced by business owners during the pandemic and provides guidance on ways to protect business data from ransomware and other types of cyberattacks.