Should you pay if your data is held for ransom?

Ransomware attacks have increased in sophistication, frequency and demands. In fact, the average ransomware demand in the first quarter of 2020 was $111,605, up 33% from the fourth quarter of 2019. As its name implies, ransomware is a type of malicious software that encrypts your files, and then threatens to either destroy or prevent you from getting access to your data unless some form of ransom is paid. It has even become common for penalties to occur when demands aren’t met. For instance, a number of files may be deleted for every hour a hacker’s demands aren’t met.

Should you pay a ransom if something like this were to happen to your company? Experts seem to agree the answer is no: there’s no guarantee that you’ll really get your data back. Statistically, you only have a 60% chance of recovering your data if you pay the ransom.

The best thing to do is to be proactive and not be put in this position in the first place. Some ways to build a defense:

* Make sure all employees are trained to identify suspicious links and emails;

* Backup your data using the 3-2-1 method. Create 3 copies of your data, 2 different types of storage media (external hard drive & cloud), 1 copy stored off-site.

* Keep operating systems and software up to date with the most current security patches to avoid any vulnerabilities in your system.

It is important to remember that ransomware protection is just a small piece of the cybersecurity pie.

ICC puts a number of cybersecurity tactics in place to minimize exposure and significantly reduce the possibility of an attack. At a minimum, a comprehensive cybersecurity strategy should include email security, network security, monitored backups, test restoring, employee education and Quarterly Cybersecurity Reviews. If you are missing one piece of the pie, you may be exposed to cyber-attacks and could be faced with significant business disruption and financial loss.

If you don’t have the right continuity plan in place, your business could be forced to close overnight. Call ICC today to find out how to lower your risk at (970) 821-8592. ICC will work to give you the best defense strategy against a ransomware attack.

December 9, 2021

Security