Ransomware strikes. Your critical data files have been encrypted and your business grinds to a halt. Do you:
a) spend countless hours rebuilding from backups (if you were diligent enough to ensure they'll work) or
b) pay the perpetrator to unlock your files?
Now that ransomware is spreading like wildfire through malicious emails, "malvertising" campaigns, and exploit kits, many firms and individuals face this exact scenario.
The cost to recover from backups is often drastically higher than simply paying the criminal's asking price. Once you add up third party service provider fees, regulatory penalties, business downtime, and reputation damages, the actual ransom may not seem so significant. So should you pay the ransom for the key to unlock your files?
The FBI says no. Last year the Bureau issued a warning regarding ransomware. Their current stance on paying the ransom to criminals is the following:
“Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”
With that in mind, to combat ransomware, firms must be well prepared and ready to respond. Here are six ways to do just that:
1. Have a consistent, reliable system backup in place.
Test these backups periodically as well.
2. Patch servers, computers systems, and mobile devices on a scheduled basis
Don't let outdated software expose your company to a major well-known vulnerability.
3. Update Anti-Virus software regularly
New viruses pop up on a daily basis. Anti-virus programs adjust accordingly, but you must keep them updated. Set them to auto update if possible.
4. Limit user access to “as needed” basis
If a lower level employee's machine is infected, this may help contain the problem.
5. Develop written documentation such as; Business Continuity Plan, Disaster Recovery Plan, and an Incident Management Plan.
Having plans already in place will allow you to spring into action immediately without any need for research, planning, and implementation with minimal hiccups.
6. Consider Cyber Liability Insurance as many of the costs related to a cyber breach can be recovered or mitigated.
Cyber Liability Insurance might give you peace of mind in the assurance that if something does happen, you'll have coverage.
Ransomware cases are being reported at a steadily increasing rate. As they say, it’s not a case of if, but when. Since paying the ransom should not be an option, solid preparation with input from all departments and the board should be high priority when discussing your company’s cyber risk exposures.
At The ALS Group, we consult businesses in a variety of different industries on cyber exposure, purchasing cyber insurance, and developing mitigation strategies and plans. Contact us today to speak to a risk specialist with absolutely no obligation.