July 2, 2024
During the pandemic, data breaches disproportionately affected smaller companies; they were targeted at twice the rate of larger businesses. Since the pandemic, those same smaller companies have been struggling with COVID-19 fallout ranging from supply and labor shortages to bouts of inflation. All those preoccupations have left them more vulnerable to ransomware attacks.
Typically, ransomware is triggered when an employee downloads an attachment or responds to a phishing or scam email. Ransomware can also penetrate a network through server vulnerabilities or an infected website. A third way that ransomware works is by sneaking in through security holes in older, unpatched versions of operating systems.
Once the ransomware has infiltrated, it will lock users out of their computers. Their devices will display a message demanding a ransom to unlock the hardware and restore access. The ransom is often payable only in bitcoin or other cryptocurrency. Those transactions are quick and easy, and because they are anonymous, difficult to trace. Although bitcoin is the most popular ransom currency, ethereum, zcash, monero or another may be stipulated. In the past, gift cards for Amazon or iTunes were popular for smaller scale extortion.
The ultimate damage may greatly exceed the cost of the ransom itself. Being locked out of computers or servers has a ripple effect, resulting in business downtime and the concurrent lost revenue, lost customers or lost new business, as well as negative publicity.
It is essential to take precautions to ward off any impending threats:
Even if you religiously follow security best practices, ransomware may still break through. The first step in your response plan is to not panic. Take a photo of the infected screen before you unplug everything; pay particular attention to any deadlines mentioned. Next, try to isolate the infection by disconnecting any vulnerable hardware from the network.
Contact your help brigade, including your data privacy lawyer (or other attorney) and your cyber insurance company. It is a good idea to report the incident to your local FBI office too.
Next, implement your internal procedures:
Across the industry, many experts counsel victims against paying a ransom. The risks are like those of kidnapping: How do you know the gang will practice thieves' honor? What is the guarantee they will unlock your systems? Will they keep demanding further payments?
However, businesses are increasingly willing to pay to salvage their operations, so if you do succumb, you are not alone. Since 2020, the number of organizations that have paid ransom has risen by 5.4%, amid a 9% increase in attacks over the past two years.
Before transferring funds, at least consider requiring a so-called proof of life — evidence that the wrongdoers can decrypt and restore at least one file.
Talk to your security team and professional technical advisers about any other safeguards you can set up in advance. Find out more about our full suite of services for small to medium sized businesses.
Source: Industry Newsletters ©2024