Why you should never pay a ransomware demand

29 Apr 2019

Published in: Blog

The impact of ransomware is an incredibly scary event to experience and can put your business in serious peril. Should you pay a ransom demand?

The cyber threat of ransomware is thriving and is currently one of the hottest topics on everyone’s agenda. It is an incredibly scary event to experience and can put your business out of action for days and take weeks to fix.

With this in mind, it can be tempting to consider paying the ransom demand. It’s an interesting point.


Attacks are targeted and more sophisticated

We’re helping clients to deal with attempted cyber-attacks from malware and ransomware on an almost daily basis. These attacks used to be random and speculative, but today they are targeted and sophisticated.

Last month a business owner contacted us in an emergency because a ransomware attack had encrypted all their company’s data and none of their 200 staff were able to work.

The week before, a member of staff received an email attachment and had saved it to a shared drive. Then, a few days later, during a routine patching update, the servers were rebooted and the malware was activated and encrypted all their data.

When the staff came into work the next day, the computers would not reboot, their screens were blank and months of hard work had disappeared. Their entire system – files, invoices, emails – was gone.

Then the ransom demand came. It popped up on a screen without warning. “I’ve encrypted your files, pay me or they will be lost forever.” The cyber criminals were demanding a 20 Bitcoin ransom – that’s £60,000.  The business owner decided not to pay the ransom.

It took us two days to get their systems up and running and another two weeks to recover their data. So far, the cost to the client of lost business and regulatory fines is £250,000 and still rising. Our fee to recover their data and get them back up and running was less than 3 per cent of that.


Should you pay?

It can be easy to think, in hindsight, if we had paid the ransom demand we would have saved nearly £190,000. But the business owner decided not to for the following reasons:

·         If you hand over the money, how do you know the cyber criminal will release your data? According to a recent survey, less than half of those who pay a ransom demand end up getting their data back. The same study found that nearly 9 in 10 of those who refused to pay the demand ended up recovering their data.

·         You encourage criminal activity

·         The National Cyber Crime Agency advises against it.

That said, it’s an interesting point, this client may have saved £190.000 (with hindsight). What decision would you have made?


We are not prepared

Ransomware has become the most severe and effective form of malware used in cyber-attacks and small business owners are particularly at risk this year. Ransomware breaches doubled last year and could double again this year. A recent report suggests that as much as 54% of malware samples get past antivirus and endpoint security applications.

The average cost of breaches is significant, ranging from £16,000 for medium-sized businesses up to £250,000 for larger ones. And we are not prepared. One in 10 businesses doesn’t believe they have the right skills to deal with cyber security breaches.

Ransomware is a particularly nasty and effective type of computer virus that is targeted directly at businesses like yours. You don’t have to be visiting dodgy websites to be at risk, they target you. It doesn’t even matter if you have firewalls in place, and it is just as likely to happen to smaller companies as it is to larger ones.


Make sure you take steps to protect yourself and beat the criminals

It was painful for me and my team to see real people who work in this business so devastated by an event that their company may not survive. You might think ‘it will never happen to me’ but the facts are that last year 47% of small businesses in the UK suffered breaches or attacks, and cyber threats are on the increase.

Even with a full plan and advanced security measures in place, no one can relax when it comes to cybersecurity. In addition, most cybersecurity is created incrementally as new threats are understood and new technologies established.

 

The best way to protect yourself is to make your business safe by ensuring you have a sound backup and recovery plan in place in case of such an event. Make sure your business and your customers are protected against the most malicious attack your business can face.

 

Sources

https://cyber-edge.com/cdr/#about-this-report

Government’s Cyber Security survey

https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/702074/Cyber_Security_Breaches_Survey_2018_-_Main_Report.pdf

Submitted by Tim from MSV Consultancy
Share on Facebook Share on Twitter Share on Linked In

Comments

No comments have been submitted yet.

Post A Comment

You must be logged in to post a comment. Please click here to login.