Don't pay the ransom. Invest in better recovery instead!
Once ransomware infects a network, it contaminates all the data it accesses, including system files and backup storage. Attacks like this quickly become full-blown disasters that can take days to restore, days in which business activities can be brought to a standstill.
Most ransomware comes from North Korea, Iran, and Russia. Greed is usually less of a motivation than a desire to inflict damage and sow chaos. The goal of harming people and organizations outweighs the desire to steal money.
Ransom demands are intended to stoke panic. It’s a natural reaction since data is the life’s blood of organizations. The urge to pay can be powerful, but enriching the criminals invites more extortion, and you have no assurance that they will hand over the keys to decrypt your data. Before you've fully recovered, you may be hit by more infections from the same source, causing yet more data loss.
So don’t give in.
Ransomware: A Growth Industry
While most types of malware attacks are leveling off in frequency, ransomware is on the rise.
- A 2020 HELPNET study cites a 39% decline in malware along with a 40% surge in ransomware globally.
- Ransomware costs for 2020 are estimated to have reached $20 billion for organizations worldwide (Purplesec).
- DATTO determined that one in five SMBs fell victim to ransomware attacks in 2020.
- 51% of the businesses surveyed by Sophos were hit by ransomware in 2020.
- Kaspersky, along with other sources, found that about one-third of companies surrender to ransom demands and pay up.
- Kaspersky also discovered that 34% of businesses hit with malware took a week or more to regain access to their data.
- Microsoft reports that purveyors of ransomware are taking full advantage of the pandemic by sending COVID-19-related phishing emails.
- In a mid-2020 survey, SONICWALL saw a 176% increase in malicious Microsoft Office file types, a 50% rise in IoT malware attacks, and a 109% ransomware spike in the US
Protection is Crucial…
Without strong firewalls and server defenses, plus up-to-date anti-virus and malware protection installed on every PC and laptop connected to your network, your data is vulnerable to attack. Although servers incur the most damage, attacks usually come via PC workstations and laptops connected to the network. Some variants infect environments without clicking, by exploiting unpatched systems or weak security.
Essential Data Protection steps
- Always have a new-generation firewall in place.
- Know your security vulnerabilities.
- Establish company policies that bring all employees into the protection process.
- Educate employees about the risk of clicking on unknown links, since malware is commonly hidden in unverified email messages.
- Upgrade your security by installing the latest-generation endpoint protection software to stop viruses and malware at the PC / laptop level.
- Incorporate email filtering to block known viruses and malware.
- Consider a security monitoring service.
- Carefully evaluate your data backup solution and upgrade your tools accordingly.
Having a well-planned cybersecurity system is your first line of defense against all forms of malware, with ransomware at the top of the list.
Only robust disaster recovery can help you rebound quickly when ransomware breaches your defenses.
Malware developers are constantly creating new and more damaging ransomware. Even the best-defended system can be penetrated from time to time, and the ability to rapidly restore data and repair system damage is the only path to continuing operations and eliminating losses.
Optimum disaster recovery coverage can appear costly, but not in comparison with the potential losses that significant downtime and system rebuilding bring on. The key to minimizing your downtime from natural or manmade disasters is your recovery solution. If you have a file backup solution but no protection for your server or PC operating systems, now is the time to evaluate which computers and data sets are the most critical to your business and upgrade your protection to minimize your downtime.