#5minSecurityread: Ransomware. The only solution.
News and information from the Advent IM team.
One day you realise with horror that your files and computers have been blocked. Nothing works. A message appears, it says everything is encrypted, and you have 2 days to pay a ransom in bitcoin before it deletes everything. What do you do?
Of course, a well-prepared plan for this possibility will swing into place immediately and save the day. You will be quickly up and running as normal, and no ransom paid. Job done. Prevention is always better than cure.
But what if you don’t have a plan, and a backup process that takes too long (if you have one) and you need to complete a big contract in 24 hours? You pay the ransomware of course. It’s not illegal, and its affordable. What’s the harm?
The harm is this;
A recent report from CyberEdge Group shows that ransomware criminals are now releasing files after being paid, in 68% of cases. This is up from 39% in 2018. They have realised that more victims are likely to pay if they actually un-encrypt the files on payment. Still, it’s not a guarantee, as 32% of victims do not get released – not usually until yet more money is paid.
The report also tells us that 68% of all businesses in the US have now been attacked with ransomware in 2020 (55% in 2018, 56% in 2019). This proves they come back again, as 55+56+68 = 179%.
With the ransomware industry now worth $ billions, it’s not going to go away. Conclusion; there is no substitute for having a detailed prevention plan and a detailed recover plan. Most ransomware comes via phishing and e mail. Great attention to email hygiene is required plus continuous back up data everywhere, two versions best. Train your people and maintain awareness until it is part of their DNA. Done well, you will never have the temptation to pay.