Most Small and Midsize Businesses Won’t Survive an Attack
Ransomware attacks are on the rise. Over 46% of the world’s total attacks are targeted against the US. Unfortunately, new research from CyberCatch, a cybersecurity platform provider, shows that 75% of small- and midsize businesses would be forced to close if a bad actor demanded a ransom. It is not a question of “if” an attack will occur for most companies but “when.” You can take steps to mitigate your risk and prepare for an attack.
To Pay or Not Pay
Even if your business decides to pay the ransomware demand, it does not guarantee that you will recover your data in a usable format. Remember, you are dealing with criminals; thus, there is no code of ethics. Per the available research, 58% of extortionists attempted a second ransom after receiving payment, and 42% did not decrypt the files after payment, so the data was still unusable. Furthermore, if you pay in Bitcoin, the transactions are public and traceable. If used for any illegal transactions, they could be traced back to your business.
Even if you pay and recover your data, it takes an average of 16.2 days to remediate an incident. Think about having your business interrupted for more than two weeks. Not to mention the damage that is done to your reputation and inability to service your customers. The devastation done to one Illinois College is causing them to shut down indefinitely. In Michigan, Kalamazoo Community College was forced to close its campus after an attack. These are just two recent examples of attacks.
What Happens if Attacked
If your business becomes a ransomware target, these steps can help your business survive.
Assess the attack –
Take a picture of the infected device’s screen before unplugging it. Pay attention to the payment deadlines or the number of days. Many times, the longer it takes to pay the ransom, the more the ransom demand. Check all of your systems to see if your network is compromised or if the attack is localized.
Immediately call your experts –
This could be your internal IT team or a trusted IT vendor to supplement your team. In addition, if you have cyber insurance, contact them, and you may want to involve local law enforcement.
Determine the data you can recover –
once you have identified what is infected, check on your backup systems to assess what data is recoverable. If you determine you need to pay the ransom to recover your data, have a clear communication plan on when and what you will pay.
Reset your systems –
immediately reset all passwords. Ensure you have the latest software versions and run any patches to strengthen your security. Watch for backdoors that bad actors could further exploit.
Do you have a Ransomware Plan?
We can help. Dewpoint has the security and infrastructure experts and experience to mitigate your ransomware risks and create a recovery plan in case you’re attacked. By taking simple cybersecurity steps, you can reduce the probability of an attack and its impact. Like in sports, we believe the best defense against an attack is a great offense. Contact one of our cybersecurity experts today.