A quick Google search tells us that the average cost of a ransomware attack fell to $1.4 million in 2021, down from $1.85 million in 2020. While that might look like good news, the truth is something that should concern all of us. Now, hackers are focusing their efforts on smaller businesses like ours. That means the ransoms are smaller, but the attacks are more successful.
Not too long ago, 60 Minutes ran a story on ransomware. The focus was on three significant ransomware incidents: two involving municipalities and one involving a hospital. Cybercriminals subjected all three to attacks that resulted in the encryption of data files and backup files. Unfortunately, this forced the organizations to resort to using paper and pens to log their transactions.
One city decided not to pay the ransom and replaced the breached technology at a large expense. The other two, despite FBI recommendations, ultimately paid the ransoms to restore their data. The hackers demanded $55,000 from the hospital. The other municipality negotiated a payment of only $8,000. Although the ransom amounts may not seem excessive, the hackers won, and will most likely strike again.
Not one of these three entities could pay a million-dollar ransom demand. However, they could afford to pay something to get their data restored. And this is what hackers are counting on. They are looking to extract money from as many businesses as possible. Here’s a statistic that should scare you: According to the US National Cyber Security Alliance, 60% of small businesses that suffer a cyber-attack go out of business within half a year.
Ransomware and Small Businesses
Close to 50% of small business owners claim that a cybersecurity incident in the previous year impacted their company. Ransomware affects more than just large organizations. Perhaps more significantly, paying the ransom has often been portrayed as the least expensive and frequently the quicker option. In rare circumstances, paying the ransom is the only option. If you ever find yourself in a ransomware trap, we do not advise you to pay the ransom right away. In fact, you should contact your local law enforcement before you take any action at all.
Let’s look at some tips for you to consider:
1. Do you trust the hackers to return your files after paying the ransom?
You’re counting on someone who just kidnapped your data and demanded an outrageous ransom to release it back to you. To us, this seems like using hope as a method of data recovery. The hacker could say, “Thanks, but no thanks!” or “Sorry, but we ran into problems with your recovery.” The point is, don’t expect crooks to behave like regular citizens and honor their agreements.
2. Prevention is a wiser course of action.
You should be able to restore data that existed before the ransomware attack if you properly configured your backup with on-premises and off-site (cloud) solutions. A minor data loss is much preferable to paying a huge ransom, which would put your business in financial trouble. Along with maintaining a sufficient backup, ensure your staff is well trained, and keep a close eye on the data entering and leaving your network.
3. Isolation is helpful.
Consider not storing all your critical data in one location. You don’t want to leave the door open for ransomware to encrypt everything of value if it enters your network. To ensure the security of your data, try to keep all crucial applications on isolated workstations.
Ransomware attacks might be declining, but this only encourages hackers to devise new, inventive ways to con you out of your time and money. Hackers are probably inspecting your level of security right now!
As your managed service provider, we can help keep your data as secure as possible. Regardless of what the hackers come up with to attack you, we will make sure you’re safe and don’t need to depend on paying a hefty ransom to keep your business operating. Contact us today and let’s go over the ways we can keep your data safe and your doors open.