Ransomware Attack: Not If, But When

It may not be news to you that ransomware is on the rise, but the numbers may leave you shocked. In 2021 alone, there were close to 630 million ransomware attacks worldwide.[1] The ransom payments demanded by hackers are also increasing in tandem with the number of attacks. According to a recent projection, the global annual cost of ransomware attacks will reach $42 billion by the end of 2024.[2]

A ransomware attack can affect any organization, regardless of size or industry. And with ransomware hitting businesses every 11 seconds,[2] it’s best not to ask if your business will come under attack, but when. By preparing yourself in advance with the right security measures and solutions, you can protect your organization and your data from a devastating breach.

Before Reacting to a Ransomware Attack

1. Don't Pay Ransom for Your Data
The FBI advises against paying ransom because spending money doesn’t guarantee the hackers will share the keys to decrypt your data.

There are two reasons for this. One, it simply doesn’t make sense to place your trust in cybercriminals who have already demonstrated that they aren’t afraid to break the law and take advantage of you for financial gain. Two, by paying ransom, you incentivize criminals to conduct further attacks. If no one ever paid ransom, there would likely be far fewer ransomware attacks, since it wouldn’t be a financially viable venture.

Of course, many businesses feel they have no choice but to pay, since they don’t have sufficient security, backup or compliance measures, and are desperate to get their data back. In that case…

2. Hire a Ransomware Negotiator
If you must pay to get your data back, seek help from a professional ransomware negotiator.

The more data hackers encrypt, the greater their negotiating power. Before you begin negotiating ransom, you’ll want to know how much data has been compromised and what negotiating methods the hackers have used in the past. A professional negotiator can help with this process. Although a ransomware negotiation rarely results in a ransom demand being totally withdrawn, it can significantly bring down the asking price.

3. Assume Hackers Will Leak Your Data, Even if You Pay
If you do fall victim to a ransomware attack, expect that your data is no longer safe—and you may not get it back at all. Here are a few likely scenarios you’ll want to keep in mind:

  • The data will not be erased in a trustworthy manner. It will be sold, improperly handled, or stored for future extortion attempts.
  • Multiple parties will have handled the exfiltrated data, making it insecure. Even if the hacker deletes a large portion of the data once the ransom is paid, other parties who had access to it may have made duplicates to make payment demands later.
  • Before a victim can respond to an extortion attempt, the data may get leaked either intentionally or inadvertently.
  • Even if the threat actor explicitly promises to release the encrypted data after payment, they may not keep their word.

Before It's Too Late, Make Your Move

You can take action now to protect yourself against ransomware attacks by creating a layered security plan.

Since no security technology or measure is flawless, layered security assumes that attackers will infiltrate different layers of an organization's defenses. The goal of this approach is to provide multiple security measures so that if an attack gets past one security tool, there are others in place to help identify and stop the attack before your data is stolen.

Not sure where to start? We can help. CHR Solutions has the expertise you need to protect your business and your data from harm. Contact us to speak with our experienced team about a cybersecurity plan tailored to your unique needs.

Sources: 1. Statista; 2. Cybersecurity Ventures