Updated: Aug 19
What is ransomware?
Ransomware is malicious software used to lock data files in carrying out extortion or blackmail. Extortion is a criminal offense that uses threats to force one to provide money usually in the form of cryptocurrency. It is an age-old crime revised for our modern era.
There is still some argument over whether to pay up or not and it largely resides with whom you ask. Criminal hackers have extended the threat campaign for those resistant to their demands. But don’t let that be your deciding factor and here’s why.
Once they have the data, expect the worst scenario, and go from there. Seriously, a thief of this sort is not to be trusted. Expect the data to be retained and copied for another future attack. Expect the data to be sold to other criminals and/or a competitor. Expect the breach to damage the reputation to some extent.
BECAUSE most small and medium businesses have little or no cybersecurity in either defense or recovery plans, they continue to be the focus of ransomware and data exfiltration extortion attacks. When these businesses work with other third-party companies, the likelihood is they, too, are under-secured and under-insured compounding the threats exponentially.
Small and medium-sized businesses make up 68% of ransomware attacks. Due to their size, they are underreported by the media. Small businesses come and go without much notice as they rarely have the financial or technical expertise to properly handle the incident and remediate it to prevent another attack.
The Forrester’s Guide to Paying Ransomware may be a viable option if the funds are available. Often, the demand is so high that many businesses are forced to close their doors permanently.
What can a small or medium business do?
Start with a business plan to assess the cyber risks involved for your company. Hiring a full-sized cyber team is not required when there are so many firms available that provide cyber protection services. A risk assessment of your system will determine how much protection is needed. If cybersecurity is not within your budget, consider the costs after a breach. It will put things in proper perspective.
With or without insurance, some costs involved are the hire of an incident response team to assess the damage and extent of affected systems. Provided you at least have backups to recover the data from, it takes time to remove the malware and restore the system.
There will be consultations with the insurance company, legal counsel, and law enforcement. This is a serious crime that should be reported. Whether you recover from backup or pay the ransom for decryption, recovery efforts frequently run into hundreds of thousands of dollars.
One thing is sure, all the businesses attacked that were without cybersecurity initiatives, thought it would not happen to them.