By Erica Antony
Not a day passes without news about an organization being held hostage with encryption-based malware, aka ransomware. The Internet Crime Complaint Center reported that last year alone, ransomware events cost U.S. organizations $24 million. A recent Trend Micro report revealed that attacks on business emails and business processes will continue to grow in 2017 because they’re cheap and simple forms of corporate extortion. Another survey of SMBs by Kaspersky found that 67 percent admitted that they lost at least some business data to ransomware.
These statistics underscore a growing issue that’s impacting businesses of all sizes — one that executives cannot ignore and will inevitably fall to IT and partners to resolve.
I’m sure the irony of it isn’t lost on many in tech: The same tool that’s designed to help secure your data is now used against you in a criminal endeavor. Because of the way payloads are delivered and the fact that new strains of malicious code are created every day, it’s extremely difficult to prevent ransomware infection even with the most up to date antivirus. Adding insult to injury, once a customer’s data is locked, there’s no easy way out — you’d better have a Bitcoin wallet ready to pay up. Right?
Well, maybe not.
Historically, paying the ransom was successful in most cases. However, with the rising frequency of attacks, that is no longer certain, according to a new report by Carbonite that polled 618 SMB employees with responsibility for containing ransomware infections within their organizations. Of those who had been successfully attacked, just 55 percent say that once the payment was made, the cyber criminal provided the decryption cypher or key. The same number said with some level of certainty that the ransomware exfiltrated data. So clearly, paying up doesn’t always set everything right.
Currently, there’s no consensus on whether to pay ransoms. Even law enforcement, including the FBI, tends to waffle on the subject. I believe you don’t have to pay. Here’s why, and some tips on how to mitigate the damage from a ransomware event.
By giving a customer room to make its own decisions, you remove the need to negotiate with attackers should ransomware spread and infect business-critical data. An extremely effective way to approach ransomware from a disaster-recovery perspective is by implementing and regularly testing a robust recovery solution with traditional and cloud-based options to turn back the clock and restore business-sensitive data. No ransom needed.
Want to learn more? Download our free report, DR in the Ransomware Age: Isolated Recovery, DRaaS snd Embracing IT Resiliency to find out how DRaaS solutions have revolutionized RTO and RPO, plus much more.
However, there are some gotchas and best practices to help organizations stay out of the ransomware headlines and keep business running as usual. Remember, backup servers are targets, too.
In many ways, the onslaught of ransomware is the biggest threat to customers today; however, it also offers businesses an incentive to re-assess business continuity and disaster-recovery strategies to ensure no area has been overlooked. By combining a solid threat detection and malware eradication solution with a robust data availability plan, partners can equip customers for the fight against ransomware. It all starts by educating end users and applying best practices to protect their environment. And if organizations have total confidence in their data-protection solution, they can to go from infection to recovery without worrying about having to make the choice between paying or not paying during a ransomware attack.