How Should A Company Handle Ransomware? An Overview
Ransomware is a type of malware that encrypts data and demands a ransom to decrypt and restore the data. With cloud storage and crypto rising in the last few years, ransomware attacks have become a low-entry barrier and increasingly popular. A study by Cyber Edge Group found that a ransomware attack hit 50% of surveyed organizations in 2021.
For companies, this is especially troubling as the costs can be tremendous. The same study found that the average downtime following a ransomware attack was 17 days, and the average cost per attack was $1,133,871.
All of this makes ransomware a severe threat. This means that companies should develop a defense plan in case of an attack or at least know who to contact in case of a ransomware infection.
In this article, we will dissect what ransomware is, recall some recent examples, and answer how a company should handle ransomware attacks.
What is Ransomware? Two Recent Examples
Ransomware is a type of malware involving a hacker attacking a computer and accessing private files to encrypt them and ask for a ransom to decrypt them. The primary forms in which the attack occurs are phishing emails (very popular in the holidays as a form of holiday scams), social media shares, and site downloads.
Recently, the Hive Ransomware gang leaked 550 GB of data stolen from Consulate HealthCare. The data included classified documents, contracts, and customer and employee information. The negotiations fell apart after several weeks due to the high amount of money demanded by the Hive Ransomware gang.
Another recent case involved San Francisco’s Bay Area Rapid Transit (BART). The Vice Society ransomware claimed on their website to have attacked BART and be in possession of confidential data. Currently, it is still unclear whether BART was hacked or not. However, just the time and resources mobilized to check for potential breaches is a hassle on its own.
How Should a Company Handle Ransomware?
First of all, any company should indulge in the best cybersecurity hygiene possible. In any circumstance, should an employee open emails from unknown senders (known as business email compromise), click on spam links, or share shady posts on social media. Another critical measure is keeping all software and security systems up-to-date, including anti-virus and firewall protection. Besides this, adequate cybersecurity infrastructures should be put in place with the help of IT Consultant Teams, such as Skyriver IT.
In case of an attack, the incidence response should be adequate. First and foremost, stay calm and alert the IT department. If possible, contain the infection. If you do not have an in-house IT specialized department, then contact a professional who can help. We at SkyriverIT have professionals with decades of experience who can help you solve this problem.
In any case, you should avoid paying the ransom. The official guidelines from the FBI are clear: “The FBI does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and incentivizes others to get involved in this type of illegal activity.”
Final Thoughts
Ransomware is a very serious threat to companies. The attacker can leak sensitive data on employees, bills, customers, and contracts. The best way to avoid this scenario is by successfully practicing cybersecurity hygiene and promoting internet-good practices with your employees.
In case of an attack, be sure to maintain calm, inform the adequate authorities (the FBI in this case), and contact an IT Consulting firm such as Skyriver IT, which has multiple technicians who can help you solve the problem. In any case, refrain from paying the ransom, as this does not guarantee you will get any data back.