Ransomware: How Much Would You Pay?
You get an email saying all of your information has been compromised. “Hackers” or cybercriminals on the other end of the screen implemented ransomware. This is a nasty piece of malicious code that prevents you, the organization, from accessing your information. They demand a huge lump sum of money in order to gain access again.
What do you do?
It seems almost every day there is another story in the media about ransomware. Most recently in headlines, entire cities have been targeted. The City of Baltimore was recently brought to their knees because they refused to pay the ransom. But another succumbed to the request of the criminals.
The city of Riviera Beach, Florida was hit with ransomware and they suffered the same fate as Baltimore. The City Council voted, and decided to pay the $600k that they demanded, in order to get their systems back up and running. The city’s online services, including email and 911 dispatches, were affected. How scary is that? Not being able to call 911 in an emergency because the systems are down?
I predict these type of attacks will become more frequent, and more damaging as the world of technology evolves.
During my career in the FBI, I used to tell companies to never EVER pay the ransom. This would just encourage criminal activity and would enable the criminals to do more damage. In my experience, some victims paid the ransom and never got their data back. Others were targeted again. It’s hard when it’s your company, to know what to do. But 9 times out of 10, your story won’t end with a happy ending. After all, there is no honor among thieves.
However, every day the phone would ring from an organization, both large and small, municipalities and schools systems- claiming they were hit with ransomware. I would tell them; “As long as you have a good back-up plan in place, you will likely be okay.” In return, there were two responses. Either dead silence on the other end, or they would say out of anger and frustration, “If I had a back-up, I wouldn’t be calling.”
To pay the ransom, or not pay the ransom. That is the question.
My stance on it all, is if you take the steps beforehand, you will never be in this position. The most-likely method for the malware behind ransomware is email.
And it all starts when an employee clicks on a link.
Mistakes happen. But a small mistake in the IT world can have major consequences. Are we backing up our mission-critical information and storing the back-ups off the network? I’ve seen companies become infected, but the back-ups did not work.
We have fire-drills in case of a fire. We have evacuation practices in case of a large catastrophic event. Does your company have a drill in place, or a plan, on how to keep your mission-critical information safe via a cyber-attack?
Test these systems before you get hit.
Here is a great document by US CERT on steps you take. Become a human firewall. You don’t have to be the next victim!