Ransomware strikes. Your critical data files have been encrypted and your business grinds to a halt. You have the choice to spend countless hours rebuilding from backups (if you were diligent enough to ensure they will work) or you can pay the perpetrator to unlock your files. This is the scenario many, many firms and individuals are facing now that ransomware is spreading like wildfire through malicious emails, “malvertising” campaigns and exploit kits.
Often, the cost to recover from backups is drastically higher than simply paying the criminal his asking price. Once third-party service provider fees, regulatory penalties, business downtime, and reputational damages are factored in, the actual ransom may not seem so significant. So the question is raised: should you pay the ransom for the key to unlock your files?
The FBI says no. In a recent post at https://www.fbi.gov/news/stories/2016/april/incidents-of-ransomware-on-the-rise/incidents-of-ransomware-on-the-rise, the Bureau issued a warning about ransomware and stated its current stance on paying ransoms to criminals:
“Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”
With that in mind, to combat ransomware, firms must be well prepared and ready to respond:
- Have a consistent, reliable system backup in place;
- Patch servers, computer systems, and mobile devices on a scheduled basis;
- Update Anti-Virus software regularly;
- Limit user access to an “as needed” basis;
- Develop written documentation such as a Business Continuity Plan, a Disaster Recovery Plan, and an Incident Management Plan;
- Consider Cyber Liability Insurance, as many of the costs related to a cyber breach can be recovered or mitigated.
Ransomware cases are being reported at a steadily increasing rate. As they say, it’s not a case of if, but when. Since paying the ransom should not be an option, solid preparation with input from all departments and the board should be a high priority when discussing your company’s cyber risk exposures.