…is alive and kicking
Ransomware costs businesses billions of dollars a year. In 2019 it is estimated to have cost businesses in excess of $11.5 billion. The prediction is that this number will rise to over $20 billion in 2020! (For more information on the costs click this link )
Ransomware attackers stop you being able to use your own computing device(s) to access your own information. The attackers effectively lock you out of your own computer.
Kaspersky has created a little YouTube video which explains it very well.
Then, to add insult to injury, the hackers demand payment to provide you with the “key” to unlock your device. Adding pressure to make you pay, they sometimes declare a time limit: that your precious information will be deleted if payment is not made/received by a certain date and time.
Whether to pay has to be weighed against the possiblity that no deryption key will be forthcoming even after the ransom is paid. Remember, these criminals are unscrupulous and cannot be trusted.
Why is this a problem?
Apart from the financial aspect of having to pay a stranger to be able to use your own information, there are other implications that may be far more harmful to the business.
Even so, it is estimated that the cost of a data breach can be as high as $3.92 million – per company!
A serious impact is a legal one. If your data center is breached your company will be held responsible. Big money law suits have become commonplace in the current environment.
A more far-reaching impact is that of loss of reputation. The attackers exposing your customers’ information to the world, could open them to identity theft, or industrial espionage if they are a company, and such like. Customers – individual or corporate – can be very unforgiving. If you lose the trust of your customers, it is very difficult – if not impossible – to regain it.
Who is at risk?
Short answer: anyone with a computer system that contains information. The best targets (those with deeper pockets) are large institutions such as governments, healthcare corporations (including providers, such as hospitals), education departments, and large businesses. These are the most fruitful to attack but are usually the most heavily defended.
Smaller businesses are not immune… and may be easier to infiltrate. [Addendum: In August 2019 a network of dentist offices was held to ransom. They paid, but the figure has not been revealed.]
What can we do about it?
For a start, we are told by the FBI to NOT pay ransomware attackers. All this does is (a) risks your money because there is no guarantee they will release you, and (b) encourages them to try the same tactic again.
Companies are actively strengthening their security protocols. Together, they spend billions a year on applications and hardware. IT security teams are being professionally trained on how to spot a breach, what to do in the event it happens, and how to strengthen the system so it will not happen again.
One area that is often missed is the admin staff. They click on email links and visit websites in their downtime. These are the weak links. Read our blog “Achilles’ Heel” for more information on what you can do to help mitigate the possiblity of attack.
Remember: no-one is immune and this is one of the costliest threats to businesses success, today.
If you want to get your IT team trained with cutting edge knowledge of how to recognize a threat, what to do about it while it is occurring, and how to prevent it in the future, call us today!
NC-Expert is a privately-held California corporation and is well established within the Wireless, Security, and Collaboration industry certification training, courseware development, and consulting markets.
Led by its Founder and CEO, Rie Vainstein, NC-Expert has won numerous private contracts with Fortune level companies around the world. These customers have depended on NC-Expert to train, advise, and mentor their staff.