Ransomware isn’t a new threat to business. It has been around for a long while, but lately it seems we are bombarded with news stories about ransomware. Two recent ones of note have been the cyber attacks on Colonial Pipeline and JBS Meats. In both cases they agreed to pay the ransom. So, why is this a problem?
Both of the above attacks threatened the delivery of fuel and food. Wouldn’t paying the ransom make sense to restore those supplies? There are 3 problems with this tactic:
- Paying the criminal just encourages more attacks,
- There is no guarantee that a decryption tool received will work to restore your data,
- There is no guarantee that the hackers won’t released the data they have stolen into the wild anyway.
A study by Cybereason found that 46% of those who paid the ransom were not able to recover all their files, and 3% weren’t able to recover any at all. Max Eddy of PCMag, wrote that Colonial Pipeline “coughed up the cash only to find that the decryption tool they got in exchange worked too slowly to be meaningful. Their $4.4-million ransom bought them nothing, in the end—but it almost certainly funded more ransomware attacks.”
The reality is that once you have been attacked by ransomware, the damage has already been done. And if the hackers have stolen some of your data before they encrypted it, there is a good chance it will be leaked out at a future date, even if you do pay the ransom. So, stop paying the ransom and do these 4 things instead.
- Always backup your data and ensure the copies are kept offsite and offline to avoid having those contaminated with ransomware too.
- Use antivirus software to prevent common strains of ransomware from getting into your network.
- Use multifactor authentication everywhere possible to avoid a hacker from stealing a login and installing ransomware on your systems.
- Implement cyber awareness training for all staff so that they recognize phishing emails, and more importantly, don’t accidently download ransomware.
Note, if you have been attacked by ransomware and are ready to restore your systems from the backups, please ensure you have done an investigation into how to ransomware got into your systems and have cleaned them thoroughly.
As you can see, paying the ransom really isn’t as useful as protecting yourself from cyber attacks in the first place. QuickProtect offers the protection, guidance, and support you need to protect your business. QuickProtect offers real-time ransomware protection, offsite and offline backups, cyber security user education, and ransomware recovery insurance.