When a ransomware attack recently debilitated the largest gas pipeline in the US, it was impossible to ignore. Even small company owners sympathized with the decision faced by giant Colonial Pipeline—to pay or not to pay to unlock their files. Eventually the company chose to pay ransomware gang Darkside $4.4 million in Bitcoin for a key to restore its data.
According to Palo Alto Networks, the average ransomware demand in 2020 was nearly $850,000, with an average demand of $2.9 million for large enterprises. Coveware estimates that the average ransom payment rose to $233,817 in the third quarter of 2020, up 31 percent from the second quarter. A recent survey of IT executives from 26 countries by security software company Sophos estimates that 51 percent of organizations worldwide have been hit by ransomware, with 26 percent paying ransom to get their data back.
Assess Your Risk
Ransomware attackers target companies of all sizes in all industries—as well as individuals. While some cyber-criminals are only seeking money, some are also after releasable or salable data.
For example, manufacturers can be targeted for their intellectual property. Healthcare providers can be targeted for their patients’ personally identifiable information. Police departments and law offices can be targeted for the potentially incriminating information they hold.
Plus, paying ransom isn’t always the end of the nightmare. The threat of releasing stolen data can be used over and over for extortion, and the criminals can return for more ransom.
Rather than face this dilemma, spend your IT energy and dollars preventing it. Basic security steps go a long way in protecting your network. For example:
Keep software up to date. Obviously, your antivirus software must be current, but keep your operational software packages up to date as well. Regular software updates—sometimes ignored by harried executives—often contain security patches.
Know your network. Use a security package to provide insight about traffic on your network and alert you to intrusion attempts and anomalies. Also, keep track of devices connected to your network. With employees working from home and portals available for suppliers and customers, you may be at risk from a backdoor entry. Consider segmenting networks to reduce risk.
Watch emails. Don’t click links. Don’t open unknown attachments. Don’t respond to email from an untrusted source. No matter how many times you remind employees to use good email protocols, it’s never enough. People are busy. Criminals are sneaky. Regular training is a must.
Forget the sticks. While many companies have moved to cloud storage, some employees still use USB flash or stick drives. As convenient as they are, they are easily lost, get passed around and inserted into untrustworthy devices, making them an easy malware conduit.
Because their risks are so high, some companies have banned their use altogether. If employees must use a USB, insist on one with a secure-key lock that encrypts files.
Change passwords. Until there’s a better universal system for gaining access to networks and files, passwords are a necessary evil. Changing them regularly is painful but mandatory. The length of passwords contributes to their security far more than the complexity of characters.
Make it a priority to strengthen your cybersecurity. Don’t risk your hard-earned assets on something as painful and pointless as a preventable ransomware attack.