Cybercriminals Are Holding Data for Ransom

Ransomware seems to be everywhere and is one of the latest cybercrime tactics used to extort money from companies. This malicious code can lock or encrypt your network files or PC until a hefty fee is paid. It can infect your PC, server, network files, and/or backup systems, and it can enter your network through an infected email attachment, a downloaded file, or a vulnerability in a network service.

Recently, several hospitals have been hit with ransomware. Presbyterian Hospital in Los Angeles had its systems offline for 10 days while it recovered from a ransomware infection, and patients had to be transported to other facilities for proper care. In the end, Presbyterian Hospital paid $17k to have its files unlocked, in addition to the expense of moving patients.

If recovery from a backup isn’t possible, IT professionals could spend hundreds of hours trying to break the encryption and cleanse systems of the ransomware infection. In some instances, paying the fee to receive the encryption key is more cost-effective, but it leaves the door open to a repeat attack or to the hacker taking the funds and never unlocking the files. In most cases no files are stolen and no breach occurs, but extended downtime may occur.

Below are just a few basic security tips companies should ensure are part of their best practices:

  • Educate Your Users – An errant click on a malicious email message can take down even the most stalwart network. Ensure your staff knows how to identify email scams and phishing attempts and what to do if they encounter one.
  • Anti-Virus – Make sure your anti-virus programs are up to date and receiving virus definition updates daily.
  • Have a Backup – If your firm is not in a position to run a redundant system that will assist in recovering from a disaster such as a network-impacting virus, ensure that all applications, databases, and data files are backed up locally and offsite.
  • Develop and Test an Incident Response Plan – Recovery from ransomware should be only a small portion of the plan’s coverage, but have a plan in place that involves input from all departments, from the C-suite to the mail room. Test the plan at least annually.

Without proper risk mitigation strategies in place, companies that fall victim to ransomware will find themselves buried by the associated costs of cleaning up the mess and returning to business as usual. Aside from extortion fees, ransomware costs may include IT provider/consultant fees, lawsuits, regulatory fines, business interruption and lost revenue, and brand/reputation damage. All of these may impact the financial standing of a company so significantly that it may not be able to recover.

Our areas of expertise include:

  • Enterprise Risk Management (ERM)
  • Cyber Security & Cyber Liability Insurance
  • Construction Management
  • Customized Risk Management Assessments (RMAs)
