On average, every 39 seconds, cyber criminals are attacking. (University of Maryland) Ransomware is a threat to every business, organization, and industry that contains data. The destruction that ransomware attacks cause can be devastating, leaving businesses, leaders, and executives in a world of hurt. With ransomware happening at an increasing rate, there is a lot of information about ransomware that can sometimes be overwhelming. We are going to sort through the constant stream of overwhelming information to determine which statements about ransomware are FACT and which statements are FALSE.
#1 – Cyber criminals target large corporations in ransomware attacks.
FALSE! While large enterprises and organizations are not immune to ransomware attacks, cyber criminals understand the opportunity that lies beyond the big names. The small business and mid-sized markets may even be at a higher risk. In 2018, 71% of ransomware attacks targeted small businesses (Beazley Breach Response Services)
#2 – If you pay the ransom, you will get your data back.
FALSE! Although all businesses and organizations are consistently encouraged to do everything they can to NOT pay the ransom, as this only encourages the hackers’ behavior, paying the ransom has not proven to be the most reliable solution either. According to TechNewsWorld “there’s a one in five chance you won’t get your data back.” This could happen for a variety of reasons, the decryption system may fail, cybercriminals may demand more money, and they could target you again.
#3 – It has been estimated that Baltimore City has paid more than $18 million dollars trying to recover from a ransomware attack.
FACT! After the city’s computer system was hit with a ransomware infection in May of last year, the government did as is typically encouraged in these situations, and did not pay the ransom. This attack affected airports, hospitals, ATM’s, and other organizations critical to the day-to-day function of the city. Since May 2019, the city continues to put forth effort to rebuild their systems. It has been estimated that over $18 million dollars have been spent recovering from this horrific attack. (Engadget)
#4 – Most ransomware creators demand payment in cryptocurrencies, chiefly bitcoin.
FACT! There are several reasons Bitcoin has been the common payment demanded, the first of which is because it is easily accessible. Bitcoin can be purchased via an exchange using a credit card, debit card, or bank transfer. This makes it more likely for victims to pay the ransom. Bitcoin also offers anonymity which allows the attacker to take their ransom payments and continue on with their identities hidden. (Emsisoft)
#5 – Ransomware attacks are always sophisticated and specifically targeted.
FALSE! Although some ransomware attacks may be targeted toward a specific organization, this is not always the case. Because many ransomware attacks start by the click of a suspicious link in an email, criminals will run spam email campaigns with the hope that someone will click the link and unknowingly download their ransomware.
Ransomware is not going anywhere anytime soon. Educate yourself and your staff about the risks and where your business or organization may be vulnerable to an attack. Most importantly, be prepared. Create a data backup and recovery plan to ensure you will be protected.
Trinsio provides Rubrik’s award winning data backup and recovery technology to your small businesses and organizations, giving you an opportunity to utilize the same technology used by the U.S. Department of Defense, but for a cost that can be affordable for you.