In this week news, the foreign currency exchange firm Travelex has been forced to resort to recording transactions with pen and paper after falling victim to a ransomware attack by hackers on New Year’s Eve.
As a result, the company took down its websites across 30 countries to contain “the virus and protect data” and the hackers behind this nasty attack are demanding $6 million US Dollars.
The hackers behind the Ransomware claim to have gained access to the company’s computer network some six months ago and have managed to downloaded 5GB of sensitive customer data (dates of birth, credit card information and national insurance numbers).
Question: Would you pay to get back your data?
A difficult question to answer and there has been much debate in the media about it.
But here is the problem, to think that the malicious software would disappear once the ransomware has been paid is like wishing for the bushfire to die down quickly.
Paying for Ransomware doesn’t mean that the problem has been solved. In fact, these days such malware attacks is a sign for the miscreants that the client is ready to pay…. And pay they will.
For example, in June 2017, Copenhagen-based shipping giant A.P. Moller-Maersk, which moves about one-fifth of the world’s freight was ht by specific ransomware (NotPetya) which affected 4,000 servers and 45,000 pcs. Yet two long years after shipping giant Maersk was forced to rebuild a network, ransomware incidents remain widespread.
Interestingly, organisations in the throes of cleaning up after a ransomware outbreak typically will include in changing passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint.
“Modern ransomware not only encrypts data but exfiltrates it for further benefits”
In another case, employees of Sherwood-based telemarketing firm The Heritage Company sent home more than 300 employees and told them to find new jobs after recovery IT efforts didn’t go according to plan following a ransomware incident that took place days before Christmas.
After spending two months trying to recover, initial estimates were at one week, but the company failed to recover by Christmas.
As a result of the botched ransomware recovery process, the company’s leadership decided to suspend all services, leaving more than 300 employees without jobs
What happened to The Heritage Company is not an isolated incident. Over the past two years, there have been many cases where smaller companies decided to shut down for good, lacking the funds to pay a ransom demand to get their data back or lacking the funds needed to rebuild their IT infrastructure.
For example, in April 2019, doctors at a medical practice office in Michigan decided to shut down their business and retire one year ahead of schedule, rather than deal with the fallout from a ransomware infection.
Similarly, a second medical office, based in Simi Valley, California, reached the same conclusion in September 2019, deciding to shut down all operations after they were infected with ransomware a month before and lacked the funds to pay the ransom.
Moral of the story: Companies that experience a ransomware attack or for that matter any type of equally invasive malware infestation, should never assume that paying the hackers for the ransomware will solve their nightmares. The aftereffects from the attacks can range from any of the following:
Being offline indefinitely as the decryption key provided to you by the miscreants doesn’t work.
Additional malware and back doors installed on your systems to allow the miscreants to further mine and cause havoc on your network and business.
To spy on users to capture identifiable and personal information such as your bank credentials, credit cards details, social security numbers, etc.
To steal passwords so that they can access organisation assets as well as cloud applications.
What can you do about it? It starts with havinga cyber-resilient hygiene mindset approach.
What does this mean? Resiliency is about your business being able to bounce back to a normal working state from the adversary.
So, let me ask you a question – How cyber resilient is your business? Most if not all small businesses will have no idea.
And, the good news, it’s NOT about having to invest in more sophisticated security technologies that will develop cyber resiliency. No, that just adds more fuel to the fire.
Developing cyber resilience is about performing daily “cyber hygiene” habits, similar to like brushing your teeth. In that way, you start to build cyber resiliency practice. It’s about consistently executing on cyber hygiene habits daily to ensure that your business is cyber secure.
And the massive benefit for your business is that you save thousands of dollars on technologies and expensive consultants.
Want to know how your business can achieve cyber resiliency?
In my new book “How To Protect Your Business From Cyber Breach In Only 2 Minutes A Day”, I articulate it very easily and quickly how you canstart on the path of becoming cyber resilient.
If you are interested in getting a copy of the book for yourself, please reach out to me. I will let you know when it is available.
Register your interest here.
As always, we would love your feedback and comments.