Ransomware: Your precious data—kidnapped

It only took a few hours. But the effects were devastating. By about 3 p.m. UTC, more than 200,000 computers across 150 countries had been infected with a ransomware crypto-worm. As for damages, Symantec estimated that between paid ransom and business disruptions the total combined bill ranged upwards of $4 billion.¹

The WannaCry attack on May 12, 2017, targeted worldwide computers running the Microsoft Windows operating system. While that was one of the most notorious of its kind at the time, it was only a harbinger of things to come.

  • On March 23, 2021, CNA Financial, the seventh-largest commercial insurer in the U.S., was hit with a sustained cybersecurity attack and eventually paid $40 million to get their data back
  • A few months later, Colonial Pipeline, America’s largest refined products pipeline, went offline after hackers infiltrated it with ransomware. The operator paid the criminals $4.4 million in cryptocurrency

And the list of victimized businesses continues to grow.

Ransomware attacks are on the rise

As if things weren’t already trying enough for businesses these past years, 2021 saw a 105% surge in ransomware cyberattacks.² According to IBM, ransomware damages averaged $4.62 million per incident.³ Yet the cost of mega-attacks can range much higher. This includes not just ransom payments, but downtime, mitigation costs, and higher insurance premiums, to say nothing of the often immeasurable impact of damaged reputations.

Ransomware attacks your computer system and encrypts your precious data, holding it hostage till you pay the offending cyber-criminals.

Since U.S. companies are required to report cyberattacks only if consumer data is compromised, it’s not a stretch to believe that the actual impact may be quite a bit higher than what’s stated above.

It’s easy to see why 89% of small and medium-sized businesses (SMBs) consider cybersecurity a top priority these days.

How do ransomware attacks happen?

Ransomware attacks are part of a growing repertoire of cybercrimes hackers use to wreak havoc, disrupt organizations and enrich themselves. Here’s how they work:

Businesses experienced a surge in ransomware attacks in 2021, with an average loss of $4.62 million per incident.

Hackers gain access to a computer or mobile device when victims download malware through phishing emails with attachments, or by clicking on links from unknown sources. Once the malicious code is activated, it worms around till it finds the data it wants. It then encrypts those data and prevents you from accessing critical files, and/or it makes computers unusable altogether.

Like kidnappers, hackers essentially hold your files hostage till you pay a ransom—typically in cryptocurrency—with the promise of sending you a decryption code. But, as the saying goes, there’s no honor among thieves. Nor is there any guarantee that, after paying the ransom, you’ll get your data back, or that the perpetrators won’t make your precious data available on the open market.

To pay or not to pay. That is the question

Victims of ransomware attacks face a Hobson’s choice: they either pay their attackers, or they risk considerable disruption in attempting to decrypt the data themselves. The latter can be a long, fraught process with an uncertain outcome.

The cost of ransomware attacks includes ransom payments, downtime, mitigation expenses, higher insurance premiums, and the immeasurable impact of a damaged reputation.

Research firm Gartner and many other cyber experts counsel against paying ransom for these reasons:

  • There’s no guarantee you’ll get your data back
    Only a very small percentage of victims recover all their data; a big percentage never do.

  • Encrypted files are often unrecoverable
    Big surprise: the decrypters provided by kidnappers often do not work.

  • Data recovery can take weeks
    By then, the damage is done—to your operation and your reputation.

  • Hackers may exploit your stolen data
    They could sell or openly disclose the information if it has value.

  • Giving in only encourages more attacks
    It’s hard to think of the greater good amid a ransomware crisis, but this is an inescapable fact.

  • Paying could be illegal
    Adding insult to injury, paying hackers could violate certain U.S. government sanctions imposed on actors working out of Iran, Russia, North Korea, and other countries.

Things you can do

Defending against or mitigating the effects of ransomware attacks isn’t easy. It requires a concerted effort across your entire organization. Here are a few ways you can keep cybercriminals at bay:

Educate your staff
This is the number one thing you can do to stop ransomware attacks. Teach your people how to spot and avoid malicious emails, question links from unknown sources, and think twice before opening attachments.

Keep up with updates
Updating your operating systems, applications and other software assets regularly will help close the security gaps. Also, utilize auto-update settings to the fullest.

Perform regular backups
Data backups won’t prevent a ransomware attack. But they are the most effective way of recovering from them. Make sure your backup files are password-protected and stored offline or out-of-band, so they can’t be targeted. Putting backups on the cloud may also be a good option.

Partner with an IT expert
Beyond the above, there are other steps organizations can take to help prevent or mitigate ransomware attacks. These involve the hardening of endpoints, changing port settings, integrating an intrusion detection system, and other efforts.

However, studies suggest that 62% of small to medium-sized businesses (SMBs) lack the in-house skills needed to properly manage security issues. That’s why finding a trusted managed IT services provider may be a good idea.

Count on Stability Networks

Given the magnitude of ransomware threats and lack of resources most SMBs possess to combat it, it’s no wonder the vast majority of these companies would consider hiring a managed services provider if they offered the right solution.

Reach out to Stability Networks. We offer the tools, talent, and commitment to help you thwart ransomware attacks while reducing operational costs and complexity. Call (208) 344-0050 x2, or email us at support@stabilitynetworks.com.

 


[1] Copper, Charles. WannaCry: Lessons Learned 1 Year Later. Symantec. May 15, 2018.

[2] 2022 SonicWall Cyber Threat Report.

[3] Cost of a Data Breach Report 2021. IBM Security.

[4] Internal Microsoft Research.

[5] Moore, Susan. When it Comes to Ransomware, Should Your Company Pay? Gartner.com. October 10, 2021

[6] Bourne, Vanson. The State of SMB Cyber Security in 2019. Continuum Managed Services, 2019.

[7] Internal Microsoft Research.


 

Other Articles

why do we need cyber security awareness december2
Cybersecurity & Security

Why Do We Need Cyber Security Awareness?

Cybercriminals work hard every day to gain access to your network. Whether it’s through network hacking or seizing your files through a ransomware infection, they

Schedule time with us

Welcome to our scheduling system—designed with your convenience in mind! Whether you want to meet in-person, or video-chat, we’re ready to book a time that suits you best.

Bringing Stability back to I.T.

We look forward to providing you an I.T. Solution Proposal. To start the process, simply fill out the form to provide us with some company information and your needs. As soon as we receive it we will contact you to understand your needs and begin gathering information for your proposal.

Services