What is Ransomware?
Ransomware: An online attack perpetrated by cybercriminals who demand a ransom to release their hold on encrypted or stolen data. In the past decade, attacks that fall under the ‘ransomware’ umbrella have evolved from a consumer-level nuisance of fake anti-virus products to sophisticated malware with advanced encryption capabilities that now primarily target public and private sector organizations.
Ransomware has evolved along a third axis, as well: the extortion-like business model threat actors use to force payment from victims. If victims fail to pay within the allotted time, criminals escalate the attack and threaten to release confidential data publicly, or even auction it to the highest bidder on the dark web. And in yet another evolutionary twist, ransomware is now sometimes blended with destructive attacks, ultimately aimed at destroying and disrupting operations despite claims to release the data once the ransom is paid.
By the numbers
The Cost of Ransomware
In February of 2018 Colorado’s Department Of Transportation (CDOT) was crippled by a ransomware attack that infected almost 2,000 computers, costing the city between $1 and $1.5 million to only partially recover. It took over two weeks just to contain the ransomware, and another two weeks to get systems back online. There were between 50 to 150 people working on fixing the issue at any one time.
The city of Atlanta was crippled by the SamSam ransomware in early 2018, and it cost over $2 million USD in government funds total in order to deal with the crisis, which debilitated city resources for several days. At the time, the ransomware attackers wanted about $50,000 USD in Bitcoin.
How do you protect your business?
When a ransomware attack is discovered, every second counts. Uninterrupted, time is the ally of the attacker. As time passes, more data and files are encrypted, more devices are infected, ultimately driving up both cost and damage. Immediate—yet methodical and informed—action must be taken.
Alerting IT security teams and allowing them to launch the incident response process that they have prepared to combat ransomware should be a first step. If you have a retainer contract with a third party provider it is advisable to engage them as well. Other parties to consider contacting are federal law enforcement and regulators, depending on the local requirements for the geographies in which your company operates.
Have a plan in place with your Managed IT partner
Your Managed Service Provider for IT services (MSP) must have a plan in place to detect and contain a malware attack. You must check with them to get the information you need. It could affect your business liability insurance as well as the life of your company. A good and credible MSP will have a plan in place that includes the key areas of detection, analysis, containment, response, and recovery. If you are unsure of their capabililties, call them and ask them directly. Ransomware can cost you a great deal in lost revenue, productivity, and in some extreme cases, your business. It is your responsibility to know this but with the right Managed IT provider, you should be able to feel safe and protected.
We Provide Live Help
While many IT companies go out of their way to avoid live interactions, we encourage you to talk to us whenever you need. As a trusted Managed IT Service Provider for dental and health offices, we always answer our phones. It is very important to us that your call is answered by a live human being in our office and directed to the appropriate resource to resolve your issue. If you submit your request online, it will receive the same priority handling as calling us.