Ransomware is a form of cyber-extortion in which malicious software encrypts data to prevent victims from accessing it unless they pay a ransom for a decryption key. Ransoms are almost invariably paid in a cryptocurrency such as Bitcoin due to the untraceable nature of transactions. It’s one of the most common cybersecurity threats of all, now that criminals operating out of the dark web are enrolling affiliates in huge numbers to increase their profits.
While ransomware doesn’t include the theft of confidential information, that doesn’t mean you can afford to ignore it. Although most attacks can easily be mitigated through proper employee training and a clearly defined backup and disaster recovery strategy, a successful attack often still points to a much more serious problem than ransomware alone. In other words, the costs of remediating after an attack are often much higher than the ransom alone.
#1. System downtime
When a system is attacked by ransomware, all data stored on it will be encrypted. The more aggressive strains of ransomware are specifically designed to spread across a network, even to the point of infecting cloud-hosted resources. Without access to those systems, business can grind to a halt, as major organizations like Britain’s NHS and Germany’s Deutsche Bahn found out when they fell victim to the WannaCry attack of 2017.
#2. Loss of proprietary data
Data is increasingly behind everything businesses do. Because ransomware doesn’t generally involve the theft of information, breaches of compliance and customer privacy aren’t normally top concerns. Much worse is losing access to proprietary business data, such as intellectual property. For example, if an attack means losing several years’ worth of research data, there’s a good chance your business will be finished for good if it doesn’t pay the ransom.
#3. Reputational damage
Even though ransomware attacks don’t expose customers like cases of information theft do, an attack can still lead to reputational damage. After all, regulations still require you to report attacks of a certain magnitude, no matter which records, if any, were stolen in the process. Since ransomware attacks lead to unscheduled downtime while companies struggle to recover their data, organizations may also end up being unable to use their services.
#4. Cost of remediation
Even if you have a robust backup and disaster recovery plan in place, getting back what you’ve lost isn’t always a quick and easy process. For example, recovering multiple terabytes of data across lots of different systems takes time, which equals money. On top of that, you have to consider the costs of the security assessments required to determine what went wrong and how to prevent such an incident from happening in the future.
#5. Ransom payments
Paying the ransom should always be considered a last resort. After all, since you’re dealing with criminals, there’s no guarantee you’ll ever be able to get your data back intact anyway. Ransom prices are typically based on the number of computers infected, although some high-profile targets may be extorted for a whole lot more. For example, when municipal computers belonging to Riviera Beach in Florida were infected, the city was forced to pay $600,000.
Midwest Data Center helps business leaders innovate and mitigate risk with expert guidance and managed solutions. Call us today to find out how.