Ransomware attacks are on the rise among businesses and government agencies, raising concerns about how to combat this common disruption to systems that cost thousands of dollars to combat.
What Are the Statistics on Ransomware Attacks?
Ransomware attacks target systems and websites by infecting machines and access with viruses that render such functions unusable. After a system is locked out, the hacker demands payment, usually in the form of bitcoin or another form of cryptocurrency in order to regain access.
According to the 2018 Hiscox Small Business Cyber Risk Report, ransomware is the most common type of cyber attack. One type of ransomware attack targets a specific organization, demanding a vast ransom in return for regained control. A distributed ransomware attack casts a wider net, looking for smaller ransoms from a larger number of organizations.
Both can be financially brutal. According to Hiscox, the average cost per cyberattack is $34,604 for small businesses and $1.05 million for large businesses. However, only 52 percent of businesses have a “clearly defined strategy around cybersecurity,” according to Hiscox.
Why Are Ransomware Attacks So Disruptive?
The risks require diligence on several levels. First, companies and agencies need to invest in monitoring that prevents unwanted intrusions from taking hold in systems and on networks. Secondly, they need automatically updating anti-virus, anti-spam and anti-phishing tools on all company devices.
Thirdly, organizations need data backup and disaster recovery plans that allow them to respond quickly to such attacks with minimal impact on operations.
“We get calls every couple months where somebody has been hit by ransomware and they’re asking us to help them either decide that they’re going to pay the ransom or that they can recover otherwise,” said Luis Alvarez, founder of the Alvarez Technology Group, in a recent radio interview. “When you get to the point where the only option is to recover or to pay the ransom, it’s typically because the backups weren’t being checked in or being confirmed.”
What Are the Options in a Ransomware Attack?
As Alvarez pointed out, often the only two options are to pay the ransom requested or rely on backups. The city of Atlanta faced such a dilemma when in March 2018 it was attacked. The hackers used a brute-force attack to find weak passwords until a match was found. The attack affected a range of systems, including those used to access court information, track license plates and allow residents to pay bills.
The hackers demanded $50,000 in ransom to restore access but the city refused to pay, instead decided to work around the attack. Instead, it spent months … and $20 million … to recover most of the data. In November 2018, the FBI arrested two Iranian men as suspects in the attack, part of a wide-ranging ransomware scheme called SamSam.
What Can Businesses and Agencies Do to Prevent Attacks?
Businesses need to be diligent in their approach to security. Protections should include an initial security assessment to identify vulnerabilities. A strong organizational canvas of security provisions includes next-generation firewalls, anti-virus software, employee training and rigorous policies about usage, passwords and authentication.
Alvarez Technology Group delivers security assessments, consulting and solutions designed to keep your organization protected. To learn more, schedule a free, no-obligation initial consultation with one of our IT security experts.